SUSE update for the Linux Kernel

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the binder_deferred_fd_close(), binder_transaction_buffer_release(), binder_free_txn_fixups(), binder_free_buf(), binder_thread_write() and binder_cleanup_transaction() functions in drivers/android/binder.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper error handling

EUVDB-ID: #VU90939

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47361

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the mcb_alloc_bus() function in drivers/mcb/mcb-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) NULL pointer dereference

EUVDB-ID: #VU90498

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47362

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the si_dpm_enable() function in drivers/gpu/drm/amd/pm/powerplay/si_dpm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Division by zero

EUVDB-ID: #VU91371

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47363

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the replace_nexthop_grp() function in net/ipv4/nexthop.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Memory leak

EUVDB-ID: #VU89964

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47364

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the compat_insnlist() function in drivers/staging/comedi/comedi_fops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Memory leak

EUVDB-ID: #VU91628

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47365

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the afs_extend_writeback() function in fs/afs/write.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Buffer overflow

EUVDB-ID: #VU93171

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47366

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the afs_fs_fetch_data(), afs_fs_store_data(), afs_fs_setattr_size() and afs_deliver_fs_get_capabilities() functions in fs/afs/fsclient.c, within the afs_fileserver_probe_result() and clear_bit() functions in fs/afs/fs_probe.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Memory leak

EUVDB-ID: #VU91627

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47367

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the page_to_skb() function in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Resource management error

EUVDB-ID: #VU93188

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47368

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the enetc_clear_bdrs() and enetc_setup_irqs() functions in drivers/net/ethernet/freescale/enetc/enetc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) NULL pointer dereference

EUVDB-ID: #VU91457

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47369

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the qeth_clear_working_pool_list() function in drivers/s390/net/qeth_core_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Resource management error

EUVDB-ID: #VU93266

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47370

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mptcp_sendmsg_frag() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Memory leak

EUVDB-ID: #VU89965

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-47371

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nexthops_dump() and EXPORT_SYMBOL() functions in net/ipv4/nexthop.c, within the vxlan_exit_batch_net() and register_nexthop_notifier() functions in drivers/net/vxlan.c. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU90136

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47372

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the macb_remove() function in drivers/net/ethernet/cadence/macb_pci.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Off-by-one

EUVDB-ID: #VU91173

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47373

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the its_vpe_irq_domain_alloc() function in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Resource management error

EUVDB-ID: #VU93598

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47374

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the add_dma_entry() function in kernel/dma/debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU90138

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47375

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the blk_trace_remove_queue() function in kernel/trace/blktrace.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Buffer overflow

EUVDB-ID: #VU93604

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47376

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the check_btf_line() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use-after-free

EUVDB-ID: #VU91058

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47378

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nvme_rdma_free_queue(), nvme_rdma_conn_established(), nvme_rdma_route_resolved() and nvme_rdma_cm_handler() functions in drivers/nvme/host/rdma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free

EUVDB-ID: #VU90139

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47379

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the spin_lock_irq() and blkcg_deactivate_policy() functions in block/blk-cgroup.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) NULL pointer dereference

EUVDB-ID: #VU90494

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47380

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amd_mp2_pci_probe() function in drivers/hid/amd-sfh-hid/amd_sfh_pcie.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Buffer overflow

EUVDB-ID: #VU93502

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47381

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the xtensa_stack() function in sound/soc/sof/xtensa/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Improper locking

EUVDB-ID: #VU90741

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47382

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qeth_do_reset() function in drivers/s390/net/qeth_core_main.c, within the EXPORT_SYMBOL(), ccwgroup_set_offline() and ccwgroup_online_store() functions in drivers/s390/cio/ccwgroup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Out-of-bounds read

EUVDB-ID: #VU91390

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47383

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vc_do_resize() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) NULL pointer dereference

EUVDB-ID: #VU90501

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47384

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the TEMP_TO_REG() and w83793_detect_subclients() functions in drivers/hwmon/w83793.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) NULL pointer dereference

EUVDB-ID: #VU90469

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47385

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the w83792d_detect_subclients() function in drivers/hwmon/w83792d.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) NULL pointer dereference

EUVDB-ID: #VU90503

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47386

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the w83791d_detect_subclients() function in drivers/hwmon/w83791d.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Resource management error

EUVDB-ID: #VU93189

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47387

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the sugov_tunables_free(), sugov_tunables_alloc(), sugov_init() and sugov_exit() functions in kernel/sched/cpufreq_schedutil.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Use-after-free

EUVDB-ID: #VU90140

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47388

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee80211_crypto_ccmp_decrypt() and ieee80211_crypto_gcmp_decrypt() functions in net/mac80211/wpa.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Memory leak

EUVDB-ID: #VU91626

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47389

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sev_receive_start() function in arch/x86/kvm/svm/sev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Out-of-bounds read

EUVDB-ID: #VU90300

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47390

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ioapic_write_indirect() function in arch/x86/kvm/ioapic.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Use-after-free

EUVDB-ID: #VU90141

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47391

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cma_cancel_operation() and rdma_resolve_addr() functions in drivers/infiniband/core/cma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Improper locking

EUVDB-ID: #VU90743

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47392

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cma_cancel_route(), cma_cancel_listens() and cma_listen_on_all() functions in drivers/infiniband/core/cma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Out-of-bounds read

EUVDB-ID: #VU90302

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47393

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mlxreg_fan_set_cur_state() function in drivers/hwmon/mlxreg-fan.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Use-after-free

EUVDB-ID: #VU90137

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47394

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __nft_release_table() and __nft_release_tables() functions in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Resource management error

EUVDB-ID: #VU93467

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47395

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ieee80211_parse_tx_radiotap() function in net/mac80211/tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Resource management error

EUVDB-ID: #VU93254

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47396

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mac80211_hwsim_beacon() function in drivers/net/wireless/mac80211_hwsim.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) NULL pointer dereference

EUVDB-ID: #VU92066

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47397

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the sctp_rcv_ootb() function in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Memory leak

EUVDB-ID: #VU91625

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47398

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hfi1_ipoib_tx_timeout() function in drivers/infiniband/hw/hfi1/ipoib_tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) NULL pointer dereference

EUVDB-ID: #VU90502

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47399

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ixgbe_xdp_setup() function in drivers/net/ethernet/intel/ixgbe/ixgbe_main.c, within the ixgbe_max_channels() function in drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Resource management error

EUVDB-ID: #VU93185

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47400

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the hns3_nic_net_open() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Memory leak

EUVDB-ID: #VU91624

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47401

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ipoctal_inst_slot() and __ipoctal_remove() functions in drivers/ipack/devices/ipoctal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Use-after-free

EUVDB-ID: #VU90142

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47402

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fl_walk() function in net/sched/cls_flower.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Memory leak

EUVDB-ID: #VU91623

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47403

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ipoctal_port_activate() and ipoctal_cleanup() functions in drivers/ipack/devices/ipoctal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Out-of-bounds read

EUVDB-ID: #VU90298

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47404

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the betopff_init() function in drivers/hid/hid-betopff.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Memory leak

EUVDB-ID: #VU89966

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47405

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hid_ctrl() and usbhid_stop() functions in drivers/hid/usbhid/hid-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Improper error handling

EUVDB-ID: #VU90940

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47406

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the ext4_ext_replay_shrink_inode(), skip_hole() and ext4_ext_replay_set_iblocks() functions in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) NULL pointer dereference

EUVDB-ID: #VU93054

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47407

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the kvm_arch_free_vm() and kvm_arch_init_vm() functions in arch/x86/kvm/x86.c, within the kvm_page_track_cleanup() function in arch/x86/kvm/mmu/page_track.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Improper locking

EUVDB-ID: #VU91511

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47408

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the DEFINE_SPINLOCK(), get_next_corpse(), nf_ct_iterate_cleanup() and nf_conntrack_hash_resize() functions in net/netfilter/nf_conntrack_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) NULL pointer dereference

EUVDB-ID: #VU92067

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47409

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dwc2_hcd_init() function in drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Resource management error

EUVDB-ID: #VU93599

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47410

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the svm_migrate_init() function in drivers/gpu/drm/amd/amdkfd/kfd_migrate.c, within the kgd2kfd_device_exit() function in drivers/gpu/drm/amd/amdkfd/kfd_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Improper error handling

EUVDB-ID: #VU90941

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47412

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the block/bio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) NULL pointer dereference

EUVDB-ID: #VU90504

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47413

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ci_hdrc_imx_probe() function in drivers/usb/chipidea/ci_hdrc_imx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Resource management error

EUVDB-ID: #VU93392

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47414

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ipi_remote_fence_i() function in arch/riscv/mm/cacheflush.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) NULL pointer dereference

EUVDB-ID: #VU91233

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47415

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __iwl_mvm_remove_time_event() function in drivers/net/wireless/intel/iwlwifi/mvm/time-event.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Memory leak

EUVDB-ID: #VU89967

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47416

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __mdiobus_register() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Memory leak

EUVDB-ID: #VU89968

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47417

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the strset__free() function in tools/lib/bpf/strset.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) NULL pointer dereference

EUVDB-ID: #VU90505

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47418

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the fifo_set_limit() function in net/sched/sch_fifo.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Resource management error

EUVDB-ID: #VU93280

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47419

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the taprio_destroy() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Memory leak

EUVDB-ID: #VU89969

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47420

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kfd_mem_dmaunmap_userptr() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Improper locking

EUVDB-ID: #VU90742

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47421

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the amdgpu_pci_error_detected() and amdgpu_pci_resume() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Memory leak

EUVDB-ID: #VU89970

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47422

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nv50_head_crc_late_register() function in drivers/gpu/drm/nouveau/dispnv50/crc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Memory leak

EUVDB-ID: #VU89971

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47423

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the drivers/gpu/drm/nouveau/nouveau_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Use of uninitialized resource

EUVDB-ID: #VU90976

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47424

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the i40e_clear_interrupt_scheme() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Information disclosure

EUVDB-ID: #VU91338

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47425

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the i2c_acpi_notify() function in drivers/i2c/i2c-core-acpi.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Memory leak

EUVDB-ID: #VU89972

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47426

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the bpf_int_jit_compile() function in arch/s390/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Use-after-free

EUVDB-ID: #VU91057

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47427

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iscsi_eh_abort() function in drivers/scsi/libiscsi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Resource management error

EUVDB-ID: #VU93186

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47428

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the EXC_COMMON_BEGIN() function in arch/powerpc/kernel/exceptions-64s.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Resource management error

EUVDB-ID: #VU93187

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47429

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the die_mce() function in arch/powerpc/kernel/traps.c, within the EXC_COMMON_BEGIN() and END_FTR_SECTION_IFSET() functions in arch/powerpc/kernel/exceptions-64s.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Input validation error

EUVDB-ID: #VU90856

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47430

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the setup_smap() function in arch/x86/kernel/cpu/common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Information disclosure

EUVDB-ID: #VU91339

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47431

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the gmc_v9_0_hw_fini() function in drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c, within the gmc_v10_0_hw_fini() function in drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Resource management error

EUVDB-ID: #VU93292

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47433

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the btrfs_replace_file_extents() function in fs/btrfs/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Buffer overflow

EUVDB-ID: #VU93139

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47434

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the xhci_handle_stopped_cmd_ring() function in drivers/usb/host/xhci-ring.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) NULL pointer dereference

EUVDB-ID: #VU90405

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47435

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the start_io_acct() and dec_pending() functions in drivers/md/dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) NULL pointer dereference

EUVDB-ID: #VU90404

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47436

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dsps_probe() function in drivers/usb/musb/musb_dsps.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Improper locking

EUVDB-ID: #VU90739

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47437

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the adis16475_set_freq() function in drivers/iio/imu/adis16475.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Memory leak

EUVDB-ID: #VU89935

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47438

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mlx5_core_destroy_cq() function in drivers/net/ethernet/mellanox/mlx5/core/cq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) NULL pointer dereference

EUVDB-ID: #VU90533

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47439

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL() function in drivers/net/dsa/microchip/ksz_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) NULL pointer dereference

EUVDB-ID: #VU90408

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47440

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the encx24j600_spi_probe() function in drivers/net/ethernet/microchip/encx24j600.c, within the devm_regmap_init_encx24j600() function in drivers/net/ethernet/microchip/encx24j600-regmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Out-of-bounds read

EUVDB-ID: #VU90277

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47441

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the MLXSW_THERMAL_TEMP_SCORE_MAX GENMASK(), mlxsw_thermal_set_cur_state() and mlxsw_thermal_init() functions in drivers/net/ethernet/mellanox/mlxsw/core_thermal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Memory leak

EUVDB-ID: #VU89936

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47442

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the digital_in_send_sdd_req() function in net/nfc/digital_technology.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Memory leak

EUVDB-ID: #VU89937

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47443

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the digital_tg_configure_hw() and digital_tg_listen_mdaa() functions in net/nfc/digital_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Buffer overflow

EUVDB-ID: #VU93140

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47444

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the connector_bad_edid() function in drivers/gpu/drm/drm_edid.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) NULL pointer dereference

EUVDB-ID: #VU90407

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47445

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the msm_edp_ctrl_power() and msm_edp_ctrl_init() functions in drivers/gpu/drm/msm/edp/edp_ctrl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Improper error handling

EUVDB-ID: #VU90932

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47446

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the a4xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a4xx_gpu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Improper error handling

EUVDB-ID: #VU90931

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47447

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the a3xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a3xx_gpu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Infinite loop

EUVDB-ID: #VU91409

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47448

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the mptcp_check_data_fin(), mptcp_data_ready(), mptcp_check_for_eof(), mptcp_wait_data(), mptcp_recvmsg(), tcp_recv_timestamp(), mptcp_check_fastclose(), mptcp_check_readable() and mptcp_poll() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Improper locking

EUVDB-ID: #VU90738

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47449

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ice_ptp_flush_tx_tracker() function in drivers/net/ethernet/intel/ice/ice_ptp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) Incorrect calculation

EUVDB-ID: #VU93753

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47450

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the hyp_get_page() function in arch/arm64/kvm/hyp/nvhe/page_alloc.c, within the host_s2_zalloc_pages_exact() function in arch/arm64/kvm/hyp/nvhe/mem_protect.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) Improper locking

EUVDB-ID: #VU92011

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47451

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the idletimer_tg_create() function in net/netfilter/xt_IDLETIMER.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Improper resource shutdown or release

EUVDB-ID: #VU93745

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47452

CWE-ID: CWE-404 - Improper Resource Shutdown or Release

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to failure to properly release resources within the nft_netdev_event() and nf_tables_netdev_event() functions in net/netfilter/nft_chain_filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) Memory leak

EUVDB-ID: #VU89938

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47453

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ice_probe() and ice_remove() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) Improper locking

EUVDB-ID: #VU92013

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47454

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __cpu_die() function in arch/powerpc/kernel/smp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) Memory leak

EUVDB-ID: #VU89939

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47455

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ptp_clock_register() function in drivers/ptp/ptp_clock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

100) Use-after-free

EUVDB-ID: #VU90060

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47456

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the peak_pci_remove() function in drivers/net/can/sja1000/peak_pci.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

101) Resource management error

EUVDB-ID: #VU93183

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47457

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the isotp_sendmsg() function in net/can/isotp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) Buffer overflow

EUVDB-ID: #VU91306

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47458

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the ocfs2_initialize_super() function in fs/ocfs2/super.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) Use-after-free

EUVDB-ID: #VU90061

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47459

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the j1939_netdev_start() function in net/can/j1939/main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) Buffer overflow

EUVDB-ID: #VU93141

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47460

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the ocfs2_set_inode_data_inline() and ocfs2_convert_inline_data_to_extents() functions in fs/ocfs2/alloc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) Race condition

EUVDB-ID: #VU93603

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47461

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the userfaultfd_writeprotect() function in fs/userfaultfd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) Use of uninitialized resource

EUVDB-ID: #VU90866

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47462

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the do_set_mempolicy() and sanitize_mpol_flags() functions in mm/mempolicy.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) NULL pointer dereference

EUVDB-ID: #VU90406

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47463

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the include/linux/secretmem.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) NULL pointer dereference

EUVDB-ID: #VU90837

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47464

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the audit_filter_rules() function in kernel/auditsc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) Stack-based buffer overflow

EUVDB-ID: #VU91296

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47465

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to stack overflow within the _GLOBAL() and REST_NVGPRS() functions in arch/powerpc/kvm/book3s_hv_rmhandlers.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) Memory leak

EUVDB-ID: #VU91619

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47466

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kmem_cache_open() function in mm/slub.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Information disclosure

EUVDB-ID: #VU91331

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47467

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the kfree_at_end() function in lib/kunit/executor_test.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

112) Improper locking

EUVDB-ID: #VU92012

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47468

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nj_release() function in drivers/isdn/hardware/mISDN/netjet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) Improper locking

EUVDB-ID: #VU90737

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47469

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the LIST_HEAD(), spi_add_device(), spi_add_device_locked(), spi_register_controller() and spi_unregister_controller() functions in drivers/spi/spi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) Use-after-free

EUVDB-ID: #VU90062

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47470

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __kmem_cache_create() function in mm/slub.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

115) NULL pointer dereference

EUVDB-ID: #VU90409

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47471

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mxsfb_irq_disable() function in drivers/gpu/drm/mxsfb/mxsfb_drv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

116) Memory leak

EUVDB-ID: #VU89940

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47472

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __mdiobus_register() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

117) Memory leak

EUVDB-ID: #VU89941

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47473

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak in drivers/scsi/qla2xxx/qla_bsg.c. A local user can crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

118) Buffer overflow

EUVDB-ID: #VU91304

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47474

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the vmk80xx_do_bulk_msg() function in drivers/staging/comedi/drivers/vmk80xx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

119) NULL pointer dereference

EUVDB-ID: #VU90836

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47475

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the IC3_VERSION BIT() and vmk80xx_alloc_usb_buffers() functions in drivers/staging/comedi/drivers/vmk80xx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

120) Input validation error

EUVDB-ID: #VU90851

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47476

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sizeof() and ni6501_find_endpoints() functions in drivers/staging/comedi/drivers/ni_usb6501.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

121) Information disclosure

EUVDB-ID: #VU91330

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47477

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the dt9812_read_info(), dt9812_read_multiple_registers(), dt9812_write_multiple_registers() and dt9812_rmw_multiple_registers() functions in drivers/staging/comedi/drivers/dt9812.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

122) Out-of-bounds read

EUVDB-ID: #VU91081

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47478

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the isofs_read_inode() function in fs/isofs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

123) Use-after-free

EUVDB-ID: #VU90059

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47479

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the r871xu_dev_remove() function in drivers/staging/rtl8712/usb_intf.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

124) Resource management error

EUVDB-ID: #VU93589

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47480

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the scsi_device_dev_release_usercontext() function in drivers/scsi/scsi_sysfs.c, within the EXPORT_SYMBOL() function in drivers/scsi/scsi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

125) Improper Initialization

EUVDB-ID: #VU91549

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47481

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the reg_create() and create_user_odp_mr() functions in drivers/infiniband/hw/mlx5/mr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

126) Improper error handling

EUVDB-ID: #VU90930

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47482

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the batadv_tt_init() function in net/batman-adv/translation-table.c, within the batadv_nc_mesh_init() function in net/batman-adv/network-coding.c, within the batadv_mesh_init() function in net/batman-adv/main.c, within the batadv_bla_init() function in net/batman-adv/bridge_loop_avoidance.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

127) Double free

EUVDB-ID: #VU90920

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47483

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the regcache_rbtree_insert_to_block() function in drivers/base/regmap/regcache-rbtree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

128) NULL pointer dereference

EUVDB-ID: #VU90403

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47484

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nix_free_tx_vtag_entries() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c, within the rvu_dbg_qsize_write() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

129) Buffer overflow

EUVDB-ID: #VU91305

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47485

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the qib_user_sdma_num_pages(), qib_user_sdma_free_pkt_frag(), qib_user_sdma_pin_pkt() and qib_user_sdma_queue_pkts() functions in drivers/infiniband/hw/qib/qib_user_sdma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

130) NULL pointer dereference

EUVDB-ID: #VU91225

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47486

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the bpf_int_jit_compile() function in arch/riscv/net/bpf_jit_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

131) Memory leak

EUVDB-ID: #VU89934

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47488

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the cgroup_kill_sb() function in kernel/cgroup/cgroup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

132) Out-of-bounds read

EUVDB-ID: #VU91082

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47489

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dp_phy_settings_write(), dp_phy_test_pattern_debugfs_write(), dp_dsc_passthrough_set(), trigger_hotplug(), dp_dsc_clock_en_write(), dp_dsc_slice_width_write(), dp_dsc_slice_height_write(), dp_dsc_bits_per_pixel_write() and dp_max_bpc_write() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

133) Memory leak

EUVDB-ID: #VU90441

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47490

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ttm_transfered_destroy() function in drivers/gpu/drm/ttm/ttm_bo_util.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

134) Improper privilege management

EUVDB-ID: #VU93735

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47491

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the hugepage_vma_check() function in mm/khugepaged.c. A local user can read and manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

135) Improper error handling

EUVDB-ID: #VU92941

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47492

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the collapse_file() function in mm/khugepaged.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

136) Race condition

EUVDB-ID: #VU91465

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47493

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the ocfs2_test_bg_bit_allocatable() function in fs/ocfs2/suballoc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

137) Improper locking

EUVDB-ID: #VU91442

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47494

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cfg80211_mgmt_registrations_update(), cfg80211_mlme_register_mgmt(), cfg80211_mlme_unregister_socket() and cfg80211_rx_mgmt_khz() functions in net/wireless/mlme.c, within the INIT_WORK() and cfg80211_init_wdev() functions in net/wireless/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

138) Input validation error

EUVDB-ID: #VU90852

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47495

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

139) Buffer overflow

EUVDB-ID: #VU91197

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47496

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the tls_err_abort(), tls_tx_records(), tls_push_record(), tls_sw_recvmsg() and tls_sw_splice_read() functions in net/tls/tls_sw.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

140) Out-of-bounds read

EUVDB-ID: #VU90276

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47497

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the nvmem_shift_read_buffer_in_place() function in drivers/nvmem/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

141) Resource management error

EUVDB-ID: #VU92964

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47498

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the dm_mq_queue_rq() function in drivers/md/dm-rq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

142) Memory leak

EUVDB-ID: #VU89922

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47499

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kxcjk1013_probe() and kxcjk1013_remove() functions in drivers/iio/accel/kxcjk-1013.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

143) Use-after-free

EUVDB-ID: #VU90050

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47500

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mma8452_trigger_setup() function in drivers/iio/accel/mma8452.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

144) NULL pointer dereference

EUVDB-ID: #VU90392

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47501

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i40e_dbg_dump_desc() function in drivers/net/ethernet/intel/i40e/i40e_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

145) Buffer overflow

EUVDB-ID: #VU93137

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47502

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the slim_rx_mux_get(), slim_rx_mux_put() and slim_tx_mixer_put() functions in sound/soc/codecs/wcd934x.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

146) NULL pointer dereference

EUVDB-ID: #VU90388

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47503

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pm8001_alloc() function in drivers/scsi/pm8001/pm8001_init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

147) Use-after-free

EUVDB-ID: #VU90051

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47505

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the POLLFREE() function in include/uapi/asm-generic/poll.h, within the aio_poll(), aio_poll_complete_work(), aio_poll_cancel(), aio_poll_wake() and aio_poll_queue_proc() functions in fs/aio.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

148) Use-after-free

EUVDB-ID: #VU90052

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47506

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hash_delegation_locked(), unhash_delegation_locked() and nfsd4_cb_recall_prepare() functions in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

149) NULL pointer dereference

EUVDB-ID: #VU90389

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47507

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the init_nfsd(), nfsd4_exit_pnfs() and exit_nfsd() functions in fs/nfsd/nfsctl.c, within the register_cld_notifier() function in fs/nfsd/nfs4recover.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

150) Buffer overflow

EUVDB-ID: #VU93398

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47509

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the snd_pcm_oss_set_fragment1() function in sound/core/oss/pcm_oss.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

151) Resource management error

EUVDB-ID: #VU93597

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47510

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the walk_up_log_tree(), walk_log_tree() and free_log_tree() functions in fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

152) Buffer overflow

EUVDB-ID: #VU92005

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47511

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the snd_pcm_hw_param_value_min() and snd_pcm_oss_period_size() functions in sound/core/oss/pcm_oss.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

153) Memory leak

EUVDB-ID: #VU89923

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47513

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the felix_setup_mmio_filtering() function in drivers/net/dsa/ocelot/felix.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

154) Information disclosure

EUVDB-ID: #VU91329

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47514

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the devlink_nl_cmd_reload() function in net/core/devlink.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

155) Memory leak

EUVDB-ID: #VU89924

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47516

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nfp_cpp_area_cache_add() function in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

156) NULL pointer dereference

EUVDB-ID: #VU90531

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47518

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nfc_genl_dump_ses_done() function in net/nfc/netlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

157) Use-after-free

EUVDB-ID: #VU91053

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47520

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the pch_can_rx_normal() function in drivers/net/can/pch_can.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

158) Use-after-free

EUVDB-ID: #VU91052

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47521

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ems_pcmcia_add_card() function in drivers/net/can/sja1000/ems_pcmcia.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

159) NULL pointer dereference

EUVDB-ID: #VU90390

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47522

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the bigben_worker() function in drivers/hid/hid-bigbenff.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

160) Information disclosure

EUVDB-ID: #VU91327

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47523

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the hfi1_init(), hfi1_free_devdata(), hfi1_alloc_devdata() and cleanup_device_data() functions in drivers/infiniband/hw/hfi1/init.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

161) Information disclosure

EUVDB-ID: #VU91326

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47524

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the liteuart_probe() function in drivers/tty/serial/liteuart.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

162) Use-after-free

EUVDB-ID: #VU90054

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47525

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the liteuart_remove() function in drivers/tty/serial/liteuart.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

163) NULL pointer dereference

EUVDB-ID: #VU90393

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47526

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the liteuart_probe() function in drivers/tty/serial/liteuart.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

164) Memory leak

EUVDB-ID: #VU90437

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47527

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the uart_tty_port_shutdown() function in drivers/tty/serial/serial_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

165) NULL pointer dereference

EUVDB-ID: #VU90394

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47528

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cdnsp_endpoint_init() function in drivers/usb/cdns3/cdnsp-mem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

166) Memory leak

EUVDB-ID: #VU89926

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47529

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the iwl_uefi_reduce_power_section() function in drivers/net/wireless/intel/iwlwifi/fw/uefi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

167) NULL pointer dereference

EUVDB-ID: #VU93049

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47533