SUSE update for the Linux Kernel



| Updated: 2025-03-14
Risk Medium
Patch available YES
Number of vulnerabilities 320
CVE-ID CVE-2020-36788
CVE-2021-39698
CVE-2021-4148
CVE-2021-43056
CVE-2021-47358
CVE-2021-47359
CVE-2021-47360
CVE-2021-47361
CVE-2021-47362
CVE-2021-47363
CVE-2021-47364
CVE-2021-47365
CVE-2021-47366
CVE-2021-47367
CVE-2021-47368
CVE-2021-47369
CVE-2021-47370
CVE-2021-47371
CVE-2021-47372
CVE-2021-47373
CVE-2021-47374
CVE-2021-47375
CVE-2021-47376
CVE-2021-47378
CVE-2021-47379
CVE-2021-47380
CVE-2021-47381
CVE-2021-47382
CVE-2021-47383
CVE-2021-47384
CVE-2021-47385
CVE-2021-47386
CVE-2021-47387
CVE-2021-47388
CVE-2021-47389
CVE-2021-47390
CVE-2021-47391
CVE-2021-47392
CVE-2021-47393
CVE-2021-47394
CVE-2021-47395
CVE-2021-47396
CVE-2021-47397
CVE-2021-47398
CVE-2021-47399
CVE-2021-47400
CVE-2021-47401
CVE-2021-47402
CVE-2021-47403
CVE-2021-47404
CVE-2021-47405
CVE-2021-47406
CVE-2021-47407
CVE-2021-47408
CVE-2021-47409
CVE-2021-47410
CVE-2021-47412
CVE-2021-47413
CVE-2021-47414
CVE-2021-47415
CVE-2021-47416
CVE-2021-47417
CVE-2021-47418
CVE-2021-47419
CVE-2021-47420
CVE-2021-47421
CVE-2021-47422
CVE-2021-47423
CVE-2021-47424
CVE-2021-47425
CVE-2021-47426
CVE-2021-47427
CVE-2021-47428
CVE-2021-47429
CVE-2021-47430
CVE-2021-47431
CVE-2021-47433
CVE-2021-47434
CVE-2021-47435
CVE-2021-47436
CVE-2021-47437
CVE-2021-47438
CVE-2021-47439
CVE-2021-47440
CVE-2021-47441
CVE-2021-47442
CVE-2021-47443
CVE-2021-47444
CVE-2021-47445
CVE-2021-47446
CVE-2021-47447
CVE-2021-47448
CVE-2021-47449
CVE-2021-47450
CVE-2021-47451
CVE-2021-47452
CVE-2021-47453
CVE-2021-47454
CVE-2021-47455
CVE-2021-47456
CVE-2021-47457
CVE-2021-47458
CVE-2021-47459
CVE-2021-47460
CVE-2021-47461
CVE-2021-47462
CVE-2021-47463
CVE-2021-47464
CVE-2021-47465
CVE-2021-47466
CVE-2021-47467
CVE-2021-47468
CVE-2021-47469
CVE-2021-47470
CVE-2021-47471
CVE-2021-47472
CVE-2021-47473
CVE-2021-47474
CVE-2021-47475
CVE-2021-47476
CVE-2021-47477
CVE-2021-47478
CVE-2021-47479
CVE-2021-47480
CVE-2021-47481
CVE-2021-47482
CVE-2021-47483
CVE-2021-47484
CVE-2021-47485
CVE-2021-47486
CVE-2021-47488
CVE-2021-47489
CVE-2021-47490
CVE-2021-47491
CVE-2021-47492
CVE-2021-47493
CVE-2021-47494
CVE-2021-47495
CVE-2021-47496
CVE-2021-47497
CVE-2021-47498
CVE-2021-47499
CVE-2021-47500
CVE-2021-47501
CVE-2021-47502
CVE-2021-47503
CVE-2021-47505
CVE-2021-47506
CVE-2021-47507
CVE-2021-47509
CVE-2021-47510
CVE-2021-47511
CVE-2021-47513
CVE-2021-47514
CVE-2021-47516
CVE-2021-47518
CVE-2021-47520
CVE-2021-47521
CVE-2021-47522
CVE-2021-47523
CVE-2021-47524
CVE-2021-47525
CVE-2021-47526
CVE-2021-47527
CVE-2021-47528
CVE-2021-47529
CVE-2021-47533
CVE-2021-47534
CVE-2021-47535
CVE-2021-47536
CVE-2021-47537
CVE-2021-47540
CVE-2021-47541
CVE-2021-47542
CVE-2021-47544
CVE-2021-47549
CVE-2021-47550
CVE-2021-47551
CVE-2021-47553
CVE-2021-47554
CVE-2021-47556
CVE-2021-47558
CVE-2021-47559
CVE-2021-47560
CVE-2021-47562
CVE-2021-47563
CVE-2021-47564
CVE-2021-47565
CVE-2022-48632
CVE-2022-48634
CVE-2022-48636
CVE-2022-48652
CVE-2022-48662
CVE-2022-48671
CVE-2022-48672
CVE-2022-48673
CVE-2022-48675
CVE-2022-48686
CVE-2022-48687
CVE-2022-48688
CVE-2022-48692
CVE-2022-48693
CVE-2022-48694
CVE-2022-48695
CVE-2022-48697
CVE-2022-48699
CVE-2022-48700
CVE-2022-48701
CVE-2022-48702
CVE-2022-48703
CVE-2022-48704
CVE-2022-48708
CVE-2022-48709
CVE-2022-48710
CVE-2023-0160
CVE-2023-1829
CVE-2023-2860
CVE-2023-47233
CVE-2023-52591
CVE-2023-52654
CVE-2023-52655
CVE-2023-52676
CVE-2023-52686
CVE-2023-52690
CVE-2023-52702
CVE-2023-52703
CVE-2023-52707
CVE-2023-52708
CVE-2023-52730
CVE-2023-52733
CVE-2023-52736
CVE-2023-52738
CVE-2023-52739
CVE-2023-52740
CVE-2023-52741
CVE-2023-52742
CVE-2023-52743
CVE-2023-52744
CVE-2023-52745
CVE-2023-52747
CVE-2023-52753
CVE-2023-52754
CVE-2023-52756
CVE-2023-52759
CVE-2023-52763
CVE-2023-52764
CVE-2023-52766
CVE-2023-52774
CVE-2023-52781
CVE-2023-52788
CVE-2023-52789
CVE-2023-52791
CVE-2023-52798
CVE-2023-52799
CVE-2023-52800
CVE-2023-52804
CVE-2023-52805
CVE-2023-52806
CVE-2023-52810
CVE-2023-52811
CVE-2023-52814
CVE-2023-52816
CVE-2023-52817
CVE-2023-52818
CVE-2023-52819
CVE-2023-52821
CVE-2023-52825
CVE-2023-52826
CVE-2023-52832
CVE-2023-52833
CVE-2023-52834
CVE-2023-52838
CVE-2023-52840
CVE-2023-52841
CVE-2023-52844
CVE-2023-52847
CVE-2023-52853
CVE-2023-52854
CVE-2023-52855
CVE-2023-52856
CVE-2023-52858
CVE-2023-52864
CVE-2023-52865
CVE-2023-52867
CVE-2023-52868
CVE-2023-52870
CVE-2023-52871
CVE-2023-52872
CVE-2023-52873
CVE-2023-52875
CVE-2023-52876
CVE-2023-52877
CVE-2023-52878
CVE-2023-52880
CVE-2023-6531
CVE-2024-0639
CVE-2024-26739
CVE-2024-26764
CVE-2024-26828
CVE-2024-26840
CVE-2024-26852
CVE-2024-26862
CVE-2024-26921
CVE-2024-26925
CVE-2024-26928
CVE-2024-26929
CVE-2024-26930
CVE-2024-27398
CVE-2024-27413
CVE-2024-35811
CVE-2024-35815
CVE-2024-35817
CVE-2024-35863
CVE-2024-35867
CVE-2024-35868
CVE-2024-35895
CVE-2024-35904
CVE-2024-35905
CVE-2024-35914
CVE-2024-36926
CWE-ID CWE-416
CWE-354
CWE-252
CWE-667
CWE-399
CWE-388
CWE-476
CWE-369
CWE-401
CWE-119
CWE-193
CWE-125
CWE-908
CWE-200
CWE-20
CWE-835
CWE-682
CWE-404
CWE-362
CWE-121
CWE-665
CWE-415
CWE-269
CWE-191
CWE-190
CWE-617
CWE-264
CWE-366
Exploitation vector Local network
Public exploit Public exploit code for vulnerability #216 is available.
Public exploit code for vulnerability #308 is available.
Vulnerable software
 SUSE Linux Enterprise Server 15 SP4 LTSS
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing LTSS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing ESPOS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Desktop 15 SP4 LTSS
Operating systems & Components / Operating system

openSUSE Leap Micro
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro for Rancher
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

kernel-64kb
Operating systems & Components / Operating system package or component

dtb-marvell
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

dtb-renesas
Operating systems & Components / Operating system package or component

dtb-lg
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-arm
Operating systems & Components / Operating system package or component

dlm-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-apm
Operating systems & Components / Operating system package or component

dtb-amlogic
Operating systems & Components / Operating system package or component

dtb-mediatek
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-extra-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-amd
Operating systems & Components / Operating system package or component

dtb-xilinx
Operating systems & Components / Operating system package or component

dtb-altera
Operating systems & Components / Operating system package or component

dtb-cavium
Operating systems & Components / Operating system package or component

dtb-freescale
Operating systems & Components / Operating system package or component

dtb-broadcom
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-optional
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-extra
Operating systems & Components / Operating system package or component

dtb-amazon
Operating systems & Components / Operating system package or component

kernel-64kb-livepatch-devel
Operating systems & Components / Operating system package or component

dtb-exynos
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-optional-debuginfo
Operating systems & Components / Operating system package or component

dtb-nvidia
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

dtb-sprd
Operating systems & Components / Operating system package or component

dtb-apple
Operating systems & Components / Operating system package or component

dtb-qcom
Operating systems & Components / Operating system package or component

dtb-hisilicon
Operating systems & Components / Operating system package or component

dtb-rockchip
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

dtb-allwinner
Operating systems & Components / Operating system package or component

dtb-socionext
Operating systems & Components / Operating system package or component

dtb-aarch64
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP4_Update_27-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150400_24_122-default
Operating systems & Components / Operating system package or component

kernel-kvmsmall
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-default-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

kernel-obs-qa
Operating systems & Components / Operating system package or component

kernel-default-optional
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debugsource
Operating systems & Components / Operating system package or component

kernel-default-base-rebuild
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-debug-debugsource
Operating systems & Components / Operating system package or component

kernel-debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-source-vanilla
Operating systems & Components / Operating system package or component

kernel-docs-html
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 320 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU90085

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-36788

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nouveau_gem_new() function in drivers/gpu/drm/nouveau/nouveau_gem.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU61097

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-39698

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in Linux kernel. A local user can run a specially crafted program to trigger the use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper validation of integrity check value

EUVDB-ID: #VU92749

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-4148

CWE-ID: CWE-354 - Improper Validation of Integrity Check Value

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Unchecked Return Value

EUVDB-ID: #VU63921

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-43056

CWE-ID: CWE-252 - Unchecked Return Value

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation error when handling SRR1 register values. A local user can perform a denial of service attack, when the host is running on Power8.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU91059

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47358

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gbphy_runtime_put_autosuspend(), gb_uart_probe() and gb_uart_remove() functions in drivers/staging/greybus/uart.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Improper locking

EUVDB-ID: #VU91510

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47359

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cifs_close_deferred_file() and cifs_close_all_deferred_files() functions in fs/cifs/misc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Resource management error

EUVDB-ID: #VU93605

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47360

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the binder_deferred_fd_close(), binder_transaction_buffer_release(), binder_free_txn_fixups(), binder_free_buf(), binder_thread_write() and binder_cleanup_transaction() functions in drivers/android/binder.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper error handling

EUVDB-ID: #VU90939

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47361

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the mcb_alloc_bus() function in drivers/mcb/mcb-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) NULL pointer dereference

EUVDB-ID: #VU90498

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47362

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the si_dpm_enable() function in drivers/gpu/drm/amd/pm/powerplay/si_dpm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Division by zero

EUVDB-ID: #VU91371

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47363

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the replace_nexthop_grp() function in net/ipv4/nexthop.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Memory leak

EUVDB-ID: #VU89964

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47364

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the compat_insnlist() function in drivers/staging/comedi/comedi_fops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Memory leak

EUVDB-ID: #VU91628

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47365

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the afs_extend_writeback() function in fs/afs/write.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Buffer overflow

EUVDB-ID: #VU93171

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47366

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the afs_fs_fetch_data(), afs_fs_store_data(), afs_fs_setattr_size() and afs_deliver_fs_get_capabilities() functions in fs/afs/fsclient.c, within the afs_fileserver_probe_result() and clear_bit() functions in fs/afs/fs_probe.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Memory leak

EUVDB-ID: #VU91627

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47367

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the page_to_skb() function in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Resource management error

EUVDB-ID: #VU93188

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47368

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the enetc_clear_bdrs() and enetc_setup_irqs() functions in drivers/net/ethernet/freescale/enetc/enetc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) NULL pointer dereference

EUVDB-ID: #VU91457

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47369

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the qeth_clear_working_pool_list() function in drivers/s390/net/qeth_core_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Resource management error

EUVDB-ID: #VU93266

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47370

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mptcp_sendmsg_frag() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Memory leak

EUVDB-ID: #VU89965

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-47371

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nexthops_dump() and EXPORT_SYMBOL() functions in net/ipv4/nexthop.c, within the vxlan_exit_batch_net() and register_nexthop_notifier() functions in drivers/net/vxlan.c. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU90136

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47372

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the macb_remove() function in drivers/net/ethernet/cadence/macb_pci.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Off-by-one

EUVDB-ID: #VU91173

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47373

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the its_vpe_irq_domain_alloc() function in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Resource management error

EUVDB-ID: #VU93598

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47374

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the add_dma_entry() function in kernel/dma/debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU90138

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47375

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the blk_trace_remove_queue() function in kernel/trace/blktrace.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Buffer overflow

EUVDB-ID: #VU93604

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47376

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the check_btf_line() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use-after-free

EUVDB-ID: #VU91058

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47378

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nvme_rdma_free_queue(), nvme_rdma_conn_established(), nvme_rdma_route_resolved() and nvme_rdma_cm_handler() functions in drivers/nvme/host/rdma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free

EUVDB-ID: #VU90139

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47379

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the spin_lock_irq() and blkcg_deactivate_policy() functions in block/blk-cgroup.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) NULL pointer dereference

EUVDB-ID: #VU90494

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47380

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amd_mp2_pci_probe() function in drivers/hid/amd-sfh-hid/amd_sfh_pcie.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Buffer overflow

EUVDB-ID: #VU93502

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47381

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the xtensa_stack() function in sound/soc/sof/xtensa/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Improper locking

EUVDB-ID: #VU90741

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47382

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qeth_do_reset() function in drivers/s390/net/qeth_core_main.c, within the EXPORT_SYMBOL(), ccwgroup_set_offline() and ccwgroup_online_store() functions in drivers/s390/cio/ccwgroup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Out-of-bounds read

EUVDB-ID: #VU91390

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47383

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vc_do_resize() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) NULL pointer dereference

EUVDB-ID: #VU90501

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47384

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the TEMP_TO_REG() and w83793_detect_subclients() functions in drivers/hwmon/w83793.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) NULL pointer dereference

EUVDB-ID: #VU90469

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47385

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the w83792d_detect_subclients() function in drivers/hwmon/w83792d.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) NULL pointer dereference

EUVDB-ID: #VU90503

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47386

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the w83791d_detect_subclients() function in drivers/hwmon/w83791d.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Resource management error

EUVDB-ID: #VU93189

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47387

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the sugov_tunables_free(), sugov_tunables_alloc(), sugov_init() and sugov_exit() functions in kernel/sched/cpufreq_schedutil.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Use-after-free

EUVDB-ID: #VU90140

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47388

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee80211_crypto_ccmp_decrypt() and ieee80211_crypto_gcmp_decrypt() functions in net/mac80211/wpa.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Memory leak

EUVDB-ID: #VU91626

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47389

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sev_receive_start() function in arch/x86/kvm/svm/sev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Out-of-bounds read

EUVDB-ID: #VU90300

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47390

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ioapic_write_indirect() function in arch/x86/kvm/ioapic.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Use-after-free

EUVDB-ID: #VU90141

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47391

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cma_cancel_operation() and rdma_resolve_addr() functions in drivers/infiniband/core/cma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Improper locking

EUVDB-ID: #VU90743

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47392

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cma_cancel_route(), cma_cancel_listens() and cma_listen_on_all() functions in drivers/infiniband/core/cma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Out-of-bounds read

EUVDB-ID: #VU90302

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47393

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mlxreg_fan_set_cur_state() function in drivers/hwmon/mlxreg-fan.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Use-after-free

EUVDB-ID: #VU90137

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47394

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __nft_release_table() and __nft_release_tables() functions in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Resource management error

EUVDB-ID: #VU93467

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47395

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ieee80211_parse_tx_radiotap() function in net/mac80211/tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Resource management error

EUVDB-ID: #VU93254

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47396

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mac80211_hwsim_beacon() function in drivers/net/wireless/mac80211_hwsim.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) NULL pointer dereference

EUVDB-ID: #VU92066

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47397

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the sctp_rcv_ootb() function in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Memory leak

EUVDB-ID: #VU91625

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47398

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hfi1_ipoib_tx_timeout() function in drivers/infiniband/hw/hfi1/ipoib_tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) NULL pointer dereference

EUVDB-ID: #VU90502

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47399

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ixgbe_xdp_setup() function in drivers/net/ethernet/intel/ixgbe/ixgbe_main.c, within the ixgbe_max_channels() function in drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Resource management error

EUVDB-ID: #VU93185

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47400

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the hns3_nic_net_open() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Memory leak

EUVDB-ID: #VU91624

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47401

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ipoctal_inst_slot() and __ipoctal_remove() functions in drivers/ipack/devices/ipoctal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Use-after-free

EUVDB-ID: #VU90142

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47402

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fl_walk() function in net/sched/cls_flower.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Memory leak

EUVDB-ID: #VU91623

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47403

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ipoctal_port_activate() and ipoctal_cleanup() functions in drivers/ipack/devices/ipoctal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Out-of-bounds read

EUVDB-ID: #VU90298

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47404

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the betopff_init() function in drivers/hid/hid-betopff.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Memory leak

EUVDB-ID: #VU89966

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47405

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hid_ctrl() and usbhid_stop() functions in drivers/hid/usbhid/hid-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Improper error handling

EUVDB-ID: #VU90940

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47406

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the ext4_ext_replay_shrink_inode(), skip_hole() and ext4_ext_replay_set_iblocks() functions in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) NULL pointer dereference

EUVDB-ID: #VU93054

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47407

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the kvm_arch_free_vm() and kvm_arch_init_vm() functions in arch/x86/kvm/x86.c, within the kvm_page_track_cleanup() function in arch/x86/kvm/mmu/page_track.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Improper locking

EUVDB-ID: #VU91511

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47408

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the DEFINE_SPINLOCK(), get_next_corpse(), nf_ct_iterate_cleanup() and nf_conntrack_hash_resize() functions in net/netfilter/nf_conntrack_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) NULL pointer dereference

EUVDB-ID: #VU92067

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47409

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dwc2_hcd_init() function in drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Resource management error

EUVDB-ID: #VU93599

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47410

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the svm_migrate_init() function in drivers/gpu/drm/amd/amdkfd/kfd_migrate.c, within the kgd2kfd_device_exit() function in drivers/gpu/drm/amd/amdkfd/kfd_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Improper error handling

EUVDB-ID: #VU90941

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47412

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the block/bio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) NULL pointer dereference

EUVDB-ID: #VU90504

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47413

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ci_hdrc_imx_probe() function in drivers/usb/chipidea/ci_hdrc_imx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Resource management error

EUVDB-ID: #VU93392

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47414

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ipi_remote_fence_i() function in arch/riscv/mm/cacheflush.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) NULL pointer dereference

EUVDB-ID: #VU91233

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47415

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __iwl_mvm_remove_time_event() function in drivers/net/wireless/intel/iwlwifi/mvm/time-event.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Memory leak

EUVDB-ID: #VU89967

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47416

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __mdiobus_register() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Memory leak

EUVDB-ID: #VU89968

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47417

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the strset__free() function in tools/lib/bpf/strset.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) NULL pointer dereference

EUVDB-ID: #VU90505

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47418

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the fifo_set_limit() function in net/sched/sch_fifo.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Resource management error

EUVDB-ID: #VU93280

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47419

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the taprio_destroy() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Memory leak

EUVDB-ID: #VU89969

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47420

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kfd_mem_dmaunmap_userptr() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Improper locking

EUVDB-ID: #VU90742

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47421

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the amdgpu_pci_error_detected() and amdgpu_pci_resume() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Memory leak

EUVDB-ID: #VU89970

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47422

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nv50_head_crc_late_register() function in drivers/gpu/drm/nouveau/dispnv50/crc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Memory leak

EUVDB-ID: #VU89971

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47423

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the drivers/gpu/drm/nouveau/nouveau_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Use of uninitialized resource

EUVDB-ID: #VU90976

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47424

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the i40e_clear_interrupt_scheme() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Information disclosure

EUVDB-ID: #VU91338

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47425

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the i2c_acpi_notify() function in drivers/i2c/i2c-core-acpi.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Memory leak

EUVDB-ID: #VU89972

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47426

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the bpf_int_jit_compile() function in arch/s390/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Use-after-free

EUVDB-ID: #VU91057

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47427

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iscsi_eh_abort() function in drivers/scsi/libiscsi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Resource management error

EUVDB-ID: #VU93186

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47428

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the EXC_COMMON_BEGIN() function in arch/powerpc/kernel/exceptions-64s.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Resource management error

EUVDB-ID: #VU93187

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47429

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the die_mce() function in arch/powerpc/kernel/traps.c, within the EXC_COMMON_BEGIN() and END_FTR_SECTION_IFSET() functions in arch/powerpc/kernel/exceptions-64s.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Input validation error

EUVDB-ID: #VU90856

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47430

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the setup_smap() function in arch/x86/kernel/cpu/common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Information disclosure

EUVDB-ID: #VU91339

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47431

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the gmc_v9_0_hw_fini() function in drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c, within the gmc_v10_0_hw_fini() function in drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Resource management error

EUVDB-ID: #VU93292

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47433

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the btrfs_replace_file_extents() function in fs/btrfs/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Buffer overflow

EUVDB-ID: #VU93139

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47434

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the xhci_handle_stopped_cmd_ring() function in drivers/usb/host/xhci-ring.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) NULL pointer dereference

EUVDB-ID: #VU90405

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47435

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the start_io_acct() and dec_pending() functions in drivers/md/dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) NULL pointer dereference

EUVDB-ID: #VU90404

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47436

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dsps_probe() function in drivers/usb/musb/musb_dsps.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Improper locking

EUVDB-ID: #VU90739

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47437

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the adis16475_set_freq() function in drivers/iio/imu/adis16475.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Memory leak

EUVDB-ID: #VU89935

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47438

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mlx5_core_destroy_cq() function in drivers/net/ethernet/mellanox/mlx5/core/cq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) NULL pointer dereference

EUVDB-ID: #VU90533

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47439

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL() function in drivers/net/dsa/microchip/ksz_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) NULL pointer dereference

EUVDB-ID: #VU90408

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47440

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the encx24j600_spi_probe() function in drivers/net/ethernet/microchip/encx24j600.c, within the devm_regmap_init_encx24j600() function in drivers/net/ethernet/microchip/encx24j600-regmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Out-of-bounds read

EUVDB-ID: #VU90277

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47441

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the MLXSW_THERMAL_TEMP_SCORE_MAX GENMASK(), mlxsw_thermal_set_cur_state() and mlxsw_thermal_init() functions in drivers/net/ethernet/mellanox/mlxsw/core_thermal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Memory leak

EUVDB-ID: #VU89936

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47442

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the digital_in_send_sdd_req() function in net/nfc/digital_technology.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Memory leak

EUVDB-ID: #VU89937

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47443

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the digital_tg_configure_hw() and digital_tg_listen_mdaa() functions in net/nfc/digital_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Buffer overflow

EUVDB-ID: #VU93140

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47444

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the connector_bad_edid() function in drivers/gpu/drm/drm_edid.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) NULL pointer dereference

EUVDB-ID: #VU90407

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47445

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the msm_edp_ctrl_power() and msm_edp_ctrl_init() functions in drivers/gpu/drm/msm/edp/edp_ctrl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Improper error handling

EUVDB-ID: #VU90932

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47446

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the a4xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a4xx_gpu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Improper error handling

EUVDB-ID: #VU90931

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47447

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the a3xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a3xx_gpu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Infinite loop

EUVDB-ID: #VU91409

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47448

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the mptcp_check_data_fin(), mptcp_data_ready(), mptcp_check_for_eof(), mptcp_wait_data(), mptcp_recvmsg(), tcp_recv_timestamp(), mptcp_check_fastclose(), mptcp_check_readable() and mptcp_poll() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Improper locking

EUVDB-ID: #VU90738

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47449

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ice_ptp_flush_tx_tracker() function in drivers/net/ethernet/intel/ice/ice_ptp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) Incorrect calculation

EUVDB-ID: #VU93753

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47450

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the hyp_get_page() function in arch/arm64/kvm/hyp/nvhe/page_alloc.c, within the host_s2_zalloc_pages_exact() function in arch/arm64/kvm/hyp/nvhe/mem_protect.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) Improper locking

EUVDB-ID: #VU92011

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47451

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the idletimer_tg_create() function in net/netfilter/xt_IDLETIMER.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Improper resource shutdown or release

EUVDB-ID: #VU93745

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47452

CWE-ID: CWE-404 - Improper Resource Shutdown or Release

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to failure to properly release resources within the nft_netdev_event() and nf_tables_netdev_event() functions in net/netfilter/nft_chain_filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) Memory leak

EUVDB-ID: #VU89938

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47453

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ice_probe() and ice_remove() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) Improper locking

EUVDB-ID: #VU92013

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47454

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __cpu_die() function in arch/powerpc/kernel/smp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) Memory leak

EUVDB-ID: #VU89939

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47455

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ptp_clock_register() function in drivers/ptp/ptp_clock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

100) Use-after-free

EUVDB-ID: #VU90060

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47456

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the peak_pci_remove() function in drivers/net/can/sja1000/peak_pci.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

101) Resource management error

EUVDB-ID: #VU93183

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47457

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the isotp_sendmsg() function in net/can/isotp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) Buffer overflow

EUVDB-ID: #VU91306

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47458

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the ocfs2_initialize_super() function in fs/ocfs2/super.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) Use-after-free

EUVDB-ID: #VU90061

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47459

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the j1939_netdev_start() function in net/can/j1939/main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) Buffer overflow

EUVDB-ID: #VU93141

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47460

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the ocfs2_set_inode_data_inline() and ocfs2_convert_inline_data_to_extents() functions in fs/ocfs2/alloc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) Race condition

EUVDB-ID: #VU93603

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47461

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the userfaultfd_writeprotect() function in fs/userfaultfd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) Use of uninitialized resource

EUVDB-ID: #VU90866

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47462

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the do_set_mempolicy() and sanitize_mpol_flags() functions in mm/mempolicy.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) NULL pointer dereference

EUVDB-ID: #VU90406

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47463

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the include/linux/secretmem.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) NULL pointer dereference

EUVDB-ID: #VU90837

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47464

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the audit_filter_rules() function in kernel/auditsc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) Stack-based buffer overflow

EUVDB-ID: #VU91296

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47465

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to stack overflow within the _GLOBAL() and REST_NVGPRS() functions in arch/powerpc/kvm/book3s_hv_rmhandlers.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) Memory leak

EUVDB-ID: #VU91619

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47466

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kmem_cache_open() function in mm/slub.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Information disclosure

EUVDB-ID: #VU91331

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47467

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the kfree_at_end() function in lib/kunit/executor_test.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

112) Improper locking

EUVDB-ID: #VU92012

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47468

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nj_release() function in drivers/isdn/hardware/mISDN/netjet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) Improper locking

EUVDB-ID: #VU90737

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47469

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the LIST_HEAD(), spi_add_device(), spi_add_device_locked(), spi_register_controller() and spi_unregister_controller() functions in drivers/spi/spi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) Use-after-free

EUVDB-ID: #VU90062

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47470

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __kmem_cache_create() function in mm/slub.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

115) NULL pointer dereference

EUVDB-ID: #VU90409

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47471

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mxsfb_irq_disable() function in drivers/gpu/drm/mxsfb/mxsfb_drv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

116) Memory leak

EUVDB-ID: #VU89940

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47472

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __mdiobus_register() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

117) Memory leak

EUVDB-ID: #VU89941

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47473

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak in drivers/scsi/qla2xxx/qla_bsg.c. A local user can crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

118) Buffer overflow

EUVDB-ID: #VU91304

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47474

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the vmk80xx_do_bulk_msg() function in drivers/staging/comedi/drivers/vmk80xx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

119) NULL pointer dereference

EUVDB-ID: #VU90836

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47475

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the IC3_VERSION BIT() and vmk80xx_alloc_usb_buffers() functions in drivers/staging/comedi/drivers/vmk80xx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

120) Input validation error

EUVDB-ID: #VU90851

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47476

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sizeof() and ni6501_find_endpoints() functions in drivers/staging/comedi/drivers/ni_usb6501.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

121) Information disclosure

EUVDB-ID: #VU91330

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47477

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the dt9812_read_info(), dt9812_read_multiple_registers(), dt9812_write_multiple_registers() and dt9812_rmw_multiple_registers() functions in drivers/staging/comedi/drivers/dt9812.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

122) Out-of-bounds read

EUVDB-ID: #VU91081

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47478

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the isofs_read_inode() function in fs/isofs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

123) Use-after-free

EUVDB-ID: #VU90059

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47479

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the r871xu_dev_remove() function in drivers/staging/rtl8712/usb_intf.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

124) Resource management error

EUVDB-ID: #VU93589

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47480

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the scsi_device_dev_release_usercontext() function in drivers/scsi/scsi_sysfs.c, within the EXPORT_SYMBOL() function in drivers/scsi/scsi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

125) Improper Initialization

EUVDB-ID: #VU91549

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47481

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the reg_create() and create_user_odp_mr() functions in drivers/infiniband/hw/mlx5/mr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

126) Improper error handling

EUVDB-ID: #VU90930

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47482

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the batadv_tt_init() function in net/batman-adv/translation-table.c, within the batadv_nc_mesh_init() function in net/batman-adv/network-coding.c, within the batadv_mesh_init() function in net/batman-adv/main.c, within the batadv_bla_init() function in net/batman-adv/bridge_loop_avoidance.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

127) Double free

EUVDB-ID: #VU90920

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47483

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the regcache_rbtree_insert_to_block() function in drivers/base/regmap/regcache-rbtree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

128) NULL pointer dereference

EUVDB-ID: #VU90403

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47484

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nix_free_tx_vtag_entries() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c, within the rvu_dbg_qsize_write() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

129) Buffer overflow

EUVDB-ID: #VU91305

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47485

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the qib_user_sdma_num_pages(), qib_user_sdma_free_pkt_frag(), qib_user_sdma_pin_pkt() and qib_user_sdma_queue_pkts() functions in drivers/infiniband/hw/qib/qib_user_sdma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

130) NULL pointer dereference

EUVDB-ID: #VU91225

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47486

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the bpf_int_jit_compile() function in arch/riscv/net/bpf_jit_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

131) Memory leak

EUVDB-ID: #VU89934

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47488

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the cgroup_kill_sb() function in kernel/cgroup/cgroup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

132) Out-of-bounds read

EUVDB-ID: #VU91082

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47489

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dp_phy_settings_write(), dp_phy_test_pattern_debugfs_write(), dp_dsc_passthrough_set(), trigger_hotplug(), dp_dsc_clock_en_write(), dp_dsc_slice_width_write(), dp_dsc_slice_height_write(), dp_dsc_bits_per_pixel_write() and dp_max_bpc_write() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

133) Memory leak

EUVDB-ID: #VU90441

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47490

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ttm_transfered_destroy() function in drivers/gpu/drm/ttm/ttm_bo_util.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

134) Improper privilege management

EUVDB-ID: #VU93735

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47491

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the hugepage_vma_check() function in mm/khugepaged.c. A local user can read and manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

135) Improper error handling

EUVDB-ID: #VU92941

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47492

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the collapse_file() function in mm/khugepaged.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

136) Race condition

EUVDB-ID: #VU91465

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47493

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the ocfs2_test_bg_bit_allocatable() function in fs/ocfs2/suballoc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

137) Improper locking

EUVDB-ID: #VU91442

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47494

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cfg80211_mgmt_registrations_update(), cfg80211_mlme_register_mgmt(), cfg80211_mlme_unregister_socket() and cfg80211_rx_mgmt_khz() functions in net/wireless/mlme.c, within the INIT_WORK() and cfg80211_init_wdev() functions in net/wireless/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

138) Input validation error

EUVDB-ID: #VU90852

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47495

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

139) Buffer overflow

EUVDB-ID: #VU91197

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47496

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the tls_err_abort(), tls_tx_records(), tls_push_record(), tls_sw_recvmsg() and tls_sw_splice_read() functions in net/tls/tls_sw.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

140) Out-of-bounds read

EUVDB-ID: #VU90276

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47497

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the nvmem_shift_read_buffer_in_place() function in drivers/nvmem/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

141) Resource management error

EUVDB-ID: #VU92964

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47498

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the dm_mq_queue_rq() function in drivers/md/dm-rq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

142) Memory leak

EUVDB-ID: #VU89922

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47499

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kxcjk1013_probe() and kxcjk1013_remove() functions in drivers/iio/accel/kxcjk-1013.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

143) Use-after-free

EUVDB-ID: #VU90050

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47500

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mma8452_trigger_setup() function in drivers/iio/accel/mma8452.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

144) NULL pointer dereference

EUVDB-ID: #VU90392

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47501

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i40e_dbg_dump_desc() function in drivers/net/ethernet/intel/i40e/i40e_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

145) Buffer overflow

EUVDB-ID: #VU93137

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47502

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the slim_rx_mux_get(), slim_rx_mux_put() and slim_tx_mixer_put() functions in sound/soc/codecs/wcd934x.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

146) NULL pointer dereference

EUVDB-ID: #VU90388

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47503

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pm8001_alloc() function in drivers/scsi/pm8001/pm8001_init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

147) Use-after-free

EUVDB-ID: #VU90051

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47505

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the POLLFREE() function in include/uapi/asm-generic/poll.h, within the aio_poll(), aio_poll_complete_work(), aio_poll_cancel(), aio_poll_wake() and aio_poll_queue_proc() functions in fs/aio.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

148) Use-after-free

EUVDB-ID: #VU90052

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47506

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hash_delegation_locked(), unhash_delegation_locked() and nfsd4_cb_recall_prepare() functions in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

149) NULL pointer dereference

EUVDB-ID: #VU90389

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47507

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the init_nfsd(), nfsd4_exit_pnfs() and exit_nfsd() functions in fs/nfsd/nfsctl.c, within the register_cld_notifier() function in fs/nfsd/nfs4recover.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

150) Buffer overflow

EUVDB-ID: #VU93398

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47509

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the snd_pcm_oss_set_fragment1() function in sound/core/oss/pcm_oss.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

151) Resource management error

EUVDB-ID: #VU93597

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47510

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the walk_up_log_tree(), walk_log_tree() and free_log_tree() functions in fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

152) Buffer overflow

EUVDB-ID: #VU92005

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47511

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the snd_pcm_hw_param_value_min() and snd_pcm_oss_period_size() functions in sound/core/oss/pcm_oss.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

153) Memory leak

EUVDB-ID: #VU89923

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47513

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the felix_setup_mmio_filtering() function in drivers/net/dsa/ocelot/felix.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

154) Information disclosure

EUVDB-ID: #VU91329

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47514

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the devlink_nl_cmd_reload() function in net/core/devlink.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

155) Memory leak

EUVDB-ID: #VU89924

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47516

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nfp_cpp_area_cache_add() function in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

156) NULL pointer dereference

EUVDB-ID: #VU90531

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47518

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nfc_genl_dump_ses_done() function in net/nfc/netlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

157) Use-after-free

EUVDB-ID: #VU91053

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47520

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the pch_can_rx_normal() function in drivers/net/can/pch_can.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

158) Use-after-free

EUVDB-ID: #VU91052

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47521

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ems_pcmcia_add_card() function in drivers/net/can/sja1000/ems_pcmcia.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

159) NULL pointer dereference

EUVDB-ID: #VU90390

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47522

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the bigben_worker() function in drivers/hid/hid-bigbenff.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

160) Information disclosure

EUVDB-ID: #VU91327

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47523

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the hfi1_init(), hfi1_free_devdata(), hfi1_alloc_devdata() and cleanup_device_data() functions in drivers/infiniband/hw/hfi1/init.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

161) Information disclosure

EUVDB-ID: #VU91326

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47524

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the liteuart_probe() function in drivers/tty/serial/liteuart.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

162) Use-after-free

EUVDB-ID: #VU90054

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47525

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the liteuart_remove() function in drivers/tty/serial/liteuart.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

163) NULL pointer dereference

EUVDB-ID: #VU90393

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47526

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the liteuart_probe() function in drivers/tty/serial/liteuart.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

164) Memory leak

EUVDB-ID: #VU90437

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47527

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the uart_tty_port_shutdown() function in drivers/tty/serial/serial_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

165) NULL pointer dereference

EUVDB-ID: #VU90394

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47528

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cdnsp_endpoint_init() function in drivers/usb/cdns3/cdnsp-mem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

166) Memory leak

EUVDB-ID: #VU89926

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47529

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the iwl_uefi_reduce_power_section() function in drivers/net/wireless/intel/iwlwifi/fw/uefi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

167) NULL pointer dereference

EUVDB-ID: #VU93049

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47533

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the vc4_atomic_commit_tail() function in drivers/gpu/drm/vc4/vc4_kms.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

168) Memory leak

EUVDB-ID: #VU91617

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47534

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the vc4_atomic_commit_tail() function in drivers/gpu/drm/vc4/vc4_kms.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

169) Out-of-bounds read

EUVDB-ID: #VU90275

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47535

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the a6xx_get_gmu_registers() function in drivers/gpu/drm/msm/adreno/a6xx_gpu_state.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

170) Buffer overflow

EUVDB-ID: #VU91195

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47536

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the smc_lgr_unregister_conn() function in net/smc/smc_core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

171) Memory leak

EUVDB-ID: #VU89928

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47537

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the rvu_mbox_init() function in drivers/net/ethernet/marvell/octeontx2/af/rvu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

172) NULL pointer dereference

EUVDB-ID: #VU90395

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47540

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mt7915_get_phy_mode() function in drivers/net/wireless/mediatek/mt76/mt7915/mcu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

173) Use-after-free

EUVDB-ID: #VU90055

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47541

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mlx4_en_try_alloc_resources() function in drivers/net/ethernet/mellanox/mlx4/en_netdev.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

174) NULL pointer dereference

EUVDB-ID: #VU90396

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47542

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the qlcnic_83xx_add_rings() function in drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

175) Buffer overflow

EUVDB-ID: #VU93138

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47544

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the include/net/sock.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

176) Use-after-free

EUVDB-ID: #VU90056

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47549

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sata_fsl_init_controller() and sata_fsl_remove() functions in drivers/ata/sata_fsl.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

177) Memory leak

EUVDB-ID: #VU90438

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47550

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the amdgpu_get_xgmi_hive() function in drivers/gpu/drm/amd/amdgpu/amdgpu_xgmi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

178) Improper Initialization

EUVDB-ID: #VU93606

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47551

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the stop_cpsch() function in drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

179) Memory leak

EUVDB-ID: #VU89932

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47553

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the init_idle() and idle_task_exit() functions in kernel/sched/core.c, within the bringup_cpu() function in kernel/cpu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

180) NULL pointer dereference

EUVDB-ID: #VU90400

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47554

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the vdpasim_free() function in drivers/vdpa/vdpa_sim/vdpa_sim.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

181) NULL pointer dereference

EUVDB-ID: #VU90530

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47556

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ethtool_set_coalesce() function in net/ethtool/ioctl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

182) Resource management error

EUVDB-ID: #VU92963

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47558

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the stmmac_release() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

183) NULL pointer dereference

EUVDB-ID: #VU90532

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47559

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the smc_link_down_work() and smc_vlan_by_tcpsk() functions in net/smc/smc_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

184) NULL pointer dereference

EUVDB-ID: #VU90398

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47560

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mlxsw_sp_pude_event_func() function in drivers/net/ethernet/mellanox/mlxsw/spectrum.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

185) NULL pointer dereference

EUVDB-ID: #VU90401

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47562

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ice_vsi_alloc_arrays() function in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

186) Integer underflow

EUVDB-ID: #VU91665

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47563

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the ice_prepare_xdp_rings() and ice_xdp_setup_prog() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

187) Double Free

EUVDB-ID: #VU90887

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47564

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the prestera_port_bridge_join() function in drivers/net/ethernet/marvell/prestera/prestera_switchdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

188) Resource management error

EUVDB-ID: #VU93588

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47565

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the _scsih_ublock_io_device() function in drivers/scsi/mpt3sas/mpt3sas_scsih.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

189) Stack-based buffer overflow

EUVDB-ID: #VU91299

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48632

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to stack overflow within the mlxbf_i2c_smbus_start_transaction() function in drivers/i2c/busses/i2c-mlxbf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

190) Improper locking

EUVDB-ID: #VU91451

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48634

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the gma_crtc_page_flip() function in drivers/gpu/drm/gma500/gma_display.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

191) Resource management error

EUVDB-ID: #VU92987

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48636

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the dasd_alias_remove_device() and dasd_alias_get_start_dev() functions in drivers/s390/block/dasd_alias.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

192) Race condition

EUVDB-ID: #VU93379

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48652

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the ice_set_dflt_vsi_ctx(), ice_vsi_setup_q_map(), ice_vsi_setup_q_map_mqprio() and ice_vsi_cfg_tc() functions in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

193) Resource management error

EUVDB-ID: #VU93197

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48662

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to resource management error within the i915_gem_context_release() and context_close() functions in drivers/gpu/drm/i915/gem/i915_gem_context.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

194) Improper locking

EUVDB-ID: #VU90763

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48671

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cgroup_attach_task_all() function in kernel/cgroup/cgroup-v1.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

195) Off-by-one

EUVDB-ID: #VU91174

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48672

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an off-by-one error within the unflatten_dt_nodes() function in drivers/of/fdt.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

196) Improper locking

EUVDB-ID: #VU92028

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48673

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the smc_wr_rx_process_cqes(), smc_wr_free_link() and smc_wr_create_link() functions in net/smc/smc_wr.c, within the smcr_link_init() function in net/smc/smc_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

197) Improper locking

EUVDB-ID: #VU90762

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48675

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mmput_async() function in kernel/fork.c, within the mutex_unlock() function in drivers/infiniband/core/umem_odp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

198) Use-after-free

EUVDB-ID: #VU90175

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48686

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nvme_tcp_io_work() function in drivers/nvme/host/tcp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

199) Out-of-bounds read

EUVDB-ID: #VU90314

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48687

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an out-of-bounds read error within the seg6_genl_sethmac() function in net/ipv6/seg6.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

200) NULL pointer dereference

EUVDB-ID: #VU90515

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48688

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i40e_notify_client_of_netdev_close() and i40e_client_subtask() functions in drivers/net/ethernet/intel/i40e/i40e_client.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

201) NULL pointer dereference

EUVDB-ID: #VU90516

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48692

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the srp_process_rsp() function in drivers/infiniband/ulp/srp/ib_srp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

202) Information disclosure

EUVDB-ID: #VU91352

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48693

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to information disclosure within the brcmstb_pm_probe() function in drivers/soc/bcm/brcmstb/pm/pm-arm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

203) Improper locking

EUVDB-ID: #VU93387

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48694

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper locking within the irdma_generate_flush_completions() function in drivers/infiniband/hw/irdma/utils.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

204) Use-after-free

EUVDB-ID: #VU90171

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48695

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dequeue_next_fw_event() and _scsih_fw_event_cleanup_queue() functions in drivers/scsi/mpt3sas/mpt3sas_scsih.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

205) Use-after-free

EUVDB-ID: #VU90172

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48697

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __nvmet_req_complete() function in drivers/nvme/target/core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

206) Information disclosure

EUVDB-ID: #VU91350

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48699

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the update_sched_domain_debugfs() function in kernel/sched/debug.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

207) Information disclosure

EUVDB-ID: #VU91351

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48700

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the vaddr_get_pfns() function in drivers/vfio/vfio_iommu_type1.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

208) Out-of-bounds read

EUVDB-ID: #VU90313

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48701

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the snd_usb_parse_audio_interface() function in sound/usb/stream.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

209) Out-of-bounds read

EUVDB-ID: #VU90312

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48702

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the snd_emu10k1_pcm_channel_alloc() function in sound/pci/emu10k1/emupcm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

210) NULL pointer dereference

EUVDB-ID: #VU90514

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48703

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the int3400_setup_gddv(), int3400_thermal_probe() and int3400_thermal_remove() functions in drivers/thermal/intel/int340x_thermal/int3400_thermal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

211) Improper locking

EUVDB-ID: #VU91520

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48704

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the radeon_suspend_kms() function in drivers/gpu/drm/radeon/radeon_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

212) NULL pointer dereference

EUVDB-ID: #VU91227

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48708

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pcs_set_mux() function in drivers/pinctrl/pinctrl-single.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

213) Memory leak

EUVDB-ID: #VU89942

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48709

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ice_add_adv_recipe() function in drivers/net/ethernet/intel/ice/ice_switch.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

214) NULL pointer dereference

EUVDB-ID: #VU90411

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48710

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the radeon_fp_native_mode() function in drivers/gpu/drm/radeon/radeon_connectors.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

215) Improper locking

EUVDB-ID: #VU90810

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-0160

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

216) Use-after-free

EUVDB-ID: #VU75448

Risk: Low

CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2023-1829

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcindex_delete() function. A local user can trigger a use-after-free error and execute arbitrary code with root privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

217) Out-of-bounds read

EUVDB-ID: #VU78675

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-2860

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the SR-IPv6 implementation when processing seg6 attributes. A local user can trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

218) Use-after-free

EUVDB-ID: #VU82755

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-47233

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows an attacker to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the brcm80211 in a brcmf_cfg80211_detach in the device unplugging (disconnect the USB by hotplug) code. An attacker with physical access to device can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

219) Improper locking

EUVDB-ID: #VU91538

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52591

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the reiserfs_rename() function in fs/reiserfs/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

220) Resource management error

EUVDB-ID: #VU93257

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52654

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the scm_fp_copy() function in net/core/scm.c, within the io_finish_async() and io_sqe_files_register() functions in fs/io_uring.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

221) Buffer overflow

EUVDB-ID: #VU93242

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52655

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the aqc111_rx_fixup() function in drivers/net/usb/aqc111.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

222) Integer overflow

EUVDB-ID: #VU93061

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52676

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the check_ptr_to_map_access() and check_stack_access_within_bounds() functions in kernel/bpf/verifier.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

223) NULL pointer dereference

EUVDB-ID: #VU90548

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52686

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the opal_event_init() function in arch/powerpc/platforms/powernv/opal-irqchip.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

224) Memory leak

EUVDB-ID: #VU89981

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52690

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the scom_debug_init_one() function in arch/powerpc/platforms/powernv/opal-xscom.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

225) Memory leak

EUVDB-ID: #VU89943

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52702

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ovs_meter_cmd_set() function in net/openvswitch/meter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

226) Use of uninitialized resource

EUVDB-ID: #VU91676

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52703

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the kalmia_send_init_packet() function in drivers/net/usb/kalmia.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

227) Use-after-free

EUVDB-ID: #VU90064

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52707

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the psi_trigger_destroy() function in kernel/sched/psi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

228) Improper error handling

EUVDB-ID: #VU90936

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52708

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the mmc_spi_probe() function in drivers/mmc/host/mmc_spi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

229) Information disclosure

EUVDB-ID: #VU91333

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52730

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the sdio_read_func_cis() and sdio_free_func_cis() functions in drivers/mmc/core/sdio_cis.c, within the sdio_release_func(), sdio_alloc_func() and sdio_add_func() functions in drivers/mmc/core/sdio_bus.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

230) Buffer overflow

EUVDB-ID: #VU92954

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52733

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the decompress_kernel() function in arch/s390/boot/compressed/decompressor.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

231) NULL pointer dereference

EUVDB-ID: #VU92063

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52736

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the snd_hda_codec_cleanup_for_unbind() function in sound/pci/hda/hda_codec.c, within the hda_codec_driver_probe() and hda_codec_driver_remove() functions in sound/pci/hda/hda_bind.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

232) NULL pointer dereference

EUVDB-ID: #VU90412

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52738

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amdgpu_fence_driver_sw_fini() function in drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

233) Double free

EUVDB-ID: #VU90889

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52739

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the free_the_page() function in mm/page_alloc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

234) Resource management error

EUVDB-ID: #VU92965

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52740

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the exit_must_hard_disable() function in arch/powerpc/kernel/interrupt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

235) Use-after-free

EUVDB-ID: #VU90065

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52741

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the uncached_fill_pages() and readpages_fill_pages() functions in fs/cifs/file.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

236) Resource management error

EUVDB-ID: #VU93466

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52742

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the pl_vendor_req() function in drivers/net/usb/plusb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

237) Resource management error

EUVDB-ID: #VU93184

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52743

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ice_module_init() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

238) NULL pointer dereference

EUVDB-ID: #VU91456

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52744

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the irdma_add_mqh_4() function in drivers/infiniband/hw/irdma/cm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

239) NULL pointer dereference

EUVDB-ID: #VU90414

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52745

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ipoib_intf_init() function in drivers/infiniband/ulp/ipoib/ipoib_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

240) Information disclosure

EUVDB-ID: #VU91332

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52747

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the user_exp_rcv_setup() function in drivers/infiniband/hw/hfi1/file_ops.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

241) NULL pointer dereference

EUVDB-ID: #VU91226

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52753

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dc_stream_get_vblank_counter() and dc_stream_get_scanoutpos() functions in drivers/gpu/drm/amd/display/dc/core/dc_stream.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

242) Input validation error

EUVDB-ID: #VU90854

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52754

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the imon_probe() function in drivers/media/rc/imon.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

243) Buffer overflow

EUVDB-ID: #VU91307

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52756

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the include/linux/pwm.h. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

244) Reachable Assertion

EUVDB-ID: #VU90905

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52759

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the qd_check_sync() function in fs/gfs2/quota.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

245) Resource management error

EUVDB-ID: #VU93590

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52763

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the hci_dat_v1_init(), hci_dat_v1_cleanup() and hci_dat_v1_free_entry() functions in drivers/i3c/master/mipi-i3c-hci/dat_v1.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

246) Out-of-bounds read

EUVDB-ID: #VU90278

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52764

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the set_flicker() function in drivers/media/usb/gspca/cpia1.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

247) Out-of-bounds read

EUVDB-ID: #VU91086

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52766

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hci_dma_irq_handler() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

248) Improper locking

EUVDB-ID: #VU91504

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52774

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the dasd_profile_start() function in drivers/s390/block/dasd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

249) Incorrect calculation

EUVDB-ID: #VU93611

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52781

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the usb_get_bos_descriptor() function in drivers/usb/core/config.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

250) NULL pointer dereference

EUVDB-ID: #VU91228

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52788

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i915_perf_open_ioctl(), i915_perf_add_config_ioctl() and i915_perf_remove_config_ioctl() functions in drivers/gpu/drm/i915/i915_perf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

251) NULL pointer dereference

EUVDB-ID: #VU90421

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52789

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the vcc_probe() and vcc_table_remove() functions in drivers/tty/vcc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

252) Improper locking

EUVDB-ID: #VU93438

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52791

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the drivers/i2c/i2c-core.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

253) Use-after-free

EUVDB-ID: #VU90075

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52798

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ath11k_wmi_pdev_dfs_radar_detected_event() function in drivers/net/wireless/ath/ath11k/wmi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

254) Out-of-bounds read

EUVDB-ID: #VU90281

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52799

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dbAllocCtl(), dbFindCtl(), dbAllocDmapLev(), dbAdjTree() and dbFindLeaf() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

255) Use-after-free

EUVDB-ID: #VU90071

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52800

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ath11k_htt_pktlog() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

256) Out-of-bounds read

EUVDB-ID: #VU90284

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52804

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

257) Out-of-bounds read

EUVDB-ID: #VU90283

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52805

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the diInitInode() and diAlloc() functions in fs/jfs/jfs_imap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

258) NULL pointer dereference

EUVDB-ID: #VU92064

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52806

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the snd_hdac_stream_assign() function in sound/hda/hdac_stream.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

259) Out-of-bounds read

EUVDB-ID: #VU90285

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52810

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

260) NULL pointer dereference

EUVDB-ID: #VU90535

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52811

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ibmvfc_get_event(), ibmvfc_queuecommand(), ibmvfc_bsg_timeout(), ibmvfc_bsg_plogi(), ibmvfc_bsg_request(), ibmvfc_reset_device(), ibmvfc_init_tmf(), ibmvfc_cancel_all_mq(), ibmvfc_abort_task_set(), ibmvfc_tgt_send_prli(), ibmvfc_tgt_send_plogi(), __ibmvfc_tgt_get_implicit_logout_evt(), ibmvfc_tgt_implicit_logout(), ibmvfc_tgt_move_login(), ibmvfc_adisc_timeout(), ibmvfc_tgt_adisc(), ibmvfc_tgt_query_target(), ibmvfc_discover_targets(), ibmvfc_channel_setup(), ibmvfc_channel_enquiry(), ibmvfc_npiv_login() and ibmvfc_npiv_logout() functions in drivers/scsi/ibmvscsi/ibmvfc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

261) NULL pointer dereference

EUVDB-ID: #VU90538

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52814

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amdgpu_device_gpu_recover() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

262) Out-of-bounds read

EUVDB-ID: #VU90286

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52816

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the svm_range_apply_attrs() function in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

263) NULL pointer dereference

EUVDB-ID: #VU90432

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52817

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amdgpu_debugfs_regs_smc_read() and amdgpu_debugfs_regs_smc_write() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

264) Out-of-bounds read

EUVDB-ID: #VU90289

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52818

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/include/pptable.h, drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

265) Out-of-bounds read

EUVDB-ID: #VU90288

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52819

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

266) NULL pointer dereference

EUVDB-ID: #VU90430

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52821

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the versatile_panel_get_modes() function in drivers/gpu/drm/panel/panel-arm-versatile.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

267) Use-after-free

EUVDB-ID: #VU90077

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52825

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the svm_range_vram_node_free() function in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

268) NULL pointer dereference

EUVDB-ID: #VU90454

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52826

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the tpg110_get_modes() function in drivers/gpu/drm/panel/panel-tpo-tpg110.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

269) Integer overflow

EUVDB-ID: #VU91425

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52832

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the ieee80211_get_tx_power() function in net/mac80211/cfg.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

270) NULL pointer dereference

EUVDB-ID: #VU90452

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52833

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the btusb_mtk_hci_wmt_sync() function in drivers/bluetooth/btusb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

271) Buffer overflow

EUVDB-ID: #VU93304

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52834

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the atl1c_set_mac_addr(), atl1c_init_ring_ptrs(), atl1c_free_ring_resources(), atl1c_rx_checksum() and atl1c_alloc_rx_buffer() functions in drivers/net/ethernet/atheros/atl1c/atl1c_main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

272) Improper error handling

EUVDB-ID: #VU90933

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52838

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the imsttfb_probe() function in drivers/video/fbdev/imsttfb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

273) Use-after-free

EUVDB-ID: #VU91056

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52840

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rmi_unregister_function() function in drivers/input/rmi4/rmi_bus.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

274) Memory leak

EUVDB-ID: #VU89945

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52841

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the vidtv_mux_init() and vidtv_channel_si_destroy() functions in drivers/media/test-drivers/vidtv/vidtv_mux.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

275) NULL pointer dereference

EUVDB-ID: #VU90448

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52844

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the vidtv_psi_service_desc_init() and kstrdup() functions in drivers/media/test-drivers/vidtv/vidtv_psi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

276) Use-after-free

EUVDB-ID: #VU91054

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52847

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bttv_remove() function in drivers/media/pci/bt8xx/bttv-driver.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

277) NULL pointer dereference

EUVDB-ID: #VU91229

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52853

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cp2112_gpio_irq_startup() and cp2112_probe() functions in drivers/hid/hid-cp2112.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

278) Use-after-free

EUVDB-ID: #VU90083

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52854

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL() function in kernel/padata.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

279) NULL pointer dereference

EUVDB-ID: #VU90435

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52855

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

280) NULL pointer dereference

EUVDB-ID: #VU90434

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52856

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the lt8912_bridge_detach() function in drivers/gpu/drm/bridge/lontium-lt8912b.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

281) NULL pointer dereference

EUVDB-ID: #VU90433

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52858

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init() and mtk_pericfg_init() functions in drivers/clk/mediatek/clk-mt7629.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

282) Buffer overflow

EUVDB-ID: #VU91198

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52864

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the wmi_dev_match() function in drivers/platform/x86/wmi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

283) NULL pointer dereference

EUVDB-ID: #VU90425

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52865

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init_early() and mtk_infrasys_init() functions in drivers/clk/mediatek/clk-mt6797.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

284) Buffer overflow

EUVDB-ID: #VU91308

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52867

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the drivers/gpu/drm/radeon/evergreen.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

285) Buffer overflow

EUVDB-ID: #VU93616

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52868

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the thermal_zone_bind_cooling_device() function in drivers/thermal/thermal_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

286) NULL pointer dereference

EUVDB-ID: #VU90460

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52870

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the clk_mt6765_apmixed_probe(), clk_mt6765_top_probe() and clk_mt6765_ifr_probe() functions in drivers/clk/mediatek/clk-mt6765.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

287) Buffer overflow

EUVDB-ID: #VU93143

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52871

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the qcom_llcc_probe() function in drivers/soc/qcom/llcc-qcom.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

288) Race condition

EUVDB-ID: #VU91466

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52872

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the gsm_modem_upd_via_msc() function in drivers/tty/n_gsm.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

289) NULL pointer dereference

EUVDB-ID: #VU90428

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52873

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the clk_mt6779_apmixed_probe() and clk_mt6779_top_probe() functions in drivers/clk/mediatek/clk-mt6779.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

290) NULL pointer dereference

EUVDB-ID: #VU90424

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52875

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init_early(), mtk_infrasys_init() and mtk_pericfg_init() functions in drivers/clk/mediatek/clk-mt2701.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

291) NULL pointer dereference

EUVDB-ID: #VU90413

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52876

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the clk_mt7629_ethsys_init() and clk_mt7629_sgmiisys_init() functions in drivers/clk/mediatek/clk-mt7629-eth.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

292) NULL pointer dereference

EUVDB-ID: #VU90422

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52877

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the tcpm_pd_svdm() function in drivers/usb/typec/tcpm/tcpm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

293) Out-of-bounds read

EUVDB-ID: #VU91083

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52878

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the can_put_echo_skb() function in drivers/net/can/dev/skb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

294) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU89899

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52880

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to missing permissions checks within the gsmld_open() function in drivers/tty/n_gsm.c. A local user with CAP_NET_ADMIN capability can create a GSM network.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

295) Race condition

EUVDB-ID: #VU85022

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6531

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition when the unix garbage collector's deletion of a SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

296) Improper locking

EUVDB-ID: #VU88894

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-0639

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to improper locking within the sctp_auto_asconf_init() function in net/sctp/socket.c. A local user can crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

297) Use-after-free

EUVDB-ID: #VU90214

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26739

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcf_mirred_to_dev() function in net/sched/act_mirred.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

298) Resource management error

EUVDB-ID: #VU93844

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26764

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the kiocb_set_cancel_fn() and aio_prep_rw() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

299) Integer underflow

EUVDB-ID: #VU91674

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26828

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the parse_server_interfaces() function in fs/smb/client/smb2ops.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

300) Memory leak

EUVDB-ID: #VU90005

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26840

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kmem_cache_free() and cachefiles_daemon_unbind() functions in fs/cachefiles/bind.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

301) Use-after-free

EUVDB-ID: #VU90194

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26852

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ip6_route_multipath_add() and list_for_each_entry_safe() functions in net/ipv6/route.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

302) Race condition within a thread

EUVDB-ID: #VU91434

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26862

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the packet_setsockopt() and packet_getsockopt() functions in net/packet/af_packet.c, within the dev_queue_xmit_nit() function in net/core/dev.c. A local user can manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

303) Integer underflow

EUVDB-ID: #VU91672

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26921

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the nf_ct_frag6_queue() and nf_ct_frag6_gather() functions in net/ipv6/netfilter/nf_conntrack_reasm.c, within the ip_frag_queue() and ip_defrag() functions in net/ipv4/ip_fragment.c, within the FRAG_CB(), inet_frag_queue_insert(), inet_frag_reasm_prepare(), EXPORT_SYMBOL() and inet_frag_reasm_finish() functions in net/ipv4/inet_fragment.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

304) Improper locking

EUVDB-ID: #VU92034

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26925

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __nf_tables_abort() and nf_tables_abort() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

305) Use-after-free

EUVDB-ID: #VU90192

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26928

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_debug_files_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

306) Double free

EUVDB-ID: #VU90894

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26929

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to a double free error within the qla2x00_els_dcmd_sp_free() and qla24xx_els_dcmd_iocb() functions in drivers/scsi/qla2xxx/qla_iocb.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

307) Double free

EUVDB-ID: #VU90895

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26930

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to a double free error within the kfree() function in drivers/scsi/qla2xxx/qla_os.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

308) Use-after-free

EUVDB-ID: #VU89672

Risk: Medium

CVSSv4.0: 5.7 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2024-27398

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the sco_sock_timeout() function in net/bluetooth/sco.c. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

309) Buffer overflow

EUVDB-ID: #VU93470

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27413

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the efi_capsule_open() function in drivers/firmware/efi/capsule-loader.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

310) Use-after-free

EUVDB-ID: #VU90164

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35811

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the brcmf_notify_escan_complete() and brcmf_cfg80211_detach() functions in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

311) Resource management error

EUVDB-ID: #VU93271

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35815

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the aio_setup_ring() and kiocb_set_cancel_fn() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

312) Resource management error

EUVDB-ID: #VU93595

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35817

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the amdgpu_ttm_gart_bind() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

313) Use-after-free

EUVDB-ID: #VU90151

Risk: Medium

CVSSv4.0: 4.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-35863

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the is_valid_oplock_break() function in fs/smb/client/misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

314) Use-after-free

EUVDB-ID: #VU90154

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35867

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_stats_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

315) Use-after-free

EUVDB-ID: #VU90155

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35868

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_stats_proc_write() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

316) Improper locking

EUVDB-ID: #VU90752

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35895

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

317) NULL pointer dereference

EUVDB-ID: #VU93461

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35904

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the init_sel_fs() function in security/selinux/selinuxfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

318) Out-of-bounds read

EUVDB-ID: #VU90307

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35905

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the check_stack_access_within_bounds() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

319) Improper locking

EUVDB-ID: #VU90753

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35914

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the lock_rename() and unlock_rename() functions in fs/nfsd/vfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

320) NULL pointer dereference

EUVDB-ID: #VU90384

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36926

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pci_dma_bus_setup_pSeriesLP() function in arch/powerpc/platforms/pseries/iommu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###