Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 113 |
CVE-ID | CVE-2020-36780 CVE-2020-36782 CVE-2020-36783 CVE-2021-23134 CVE-2021-46909 CVE-2021-46921 CVE-2021-46930 CVE-2021-46938 CVE-2021-46939 CVE-2021-46943 CVE-2021-46944 CVE-2021-46950 CVE-2021-46951 CVE-2021-46958 CVE-2021-46960 CVE-2021-46961 CVE-2021-46962 CVE-2021-46963 CVE-2021-46971 CVE-2021-46981 CVE-2021-46984 CVE-2021-46988 CVE-2021-46990 CVE-2021-46991 CVE-2021-46992 CVE-2021-46998 CVE-2021-47000 CVE-2021-47006 CVE-2021-47013 CVE-2021-47015 CVE-2021-47020 CVE-2021-47034 CVE-2021-47045 CVE-2021-47049 CVE-2021-47051 CVE-2021-47055 CVE-2021-47056 CVE-2021-47058 CVE-2021-47061 CVE-2021-47063 CVE-2021-47065 CVE-2021-47068 CVE-2021-47069 CVE-2021-47070 CVE-2021-47071 CVE-2021-47073 CVE-2021-47077 CVE-2021-47082 CVE-2021-47109 CVE-2021-47110 CVE-2021-47112 CVE-2021-47114 CVE-2021-47117 CVE-2021-47118 CVE-2021-47119 CVE-2021-47120 CVE-2021-47138 CVE-2021-47139 CVE-2021-47141 CVE-2021-47142 CVE-2021-47144 CVE-2021-47153 CVE-2021-47161 CVE-2021-47165 CVE-2021-47166 CVE-2021-47167 CVE-2021-47168 CVE-2021-47169 CVE-2021-47170 CVE-2021-47171 CVE-2021-47172 CVE-2021-47173 CVE-2021-47177 CVE-2021-47179 CVE-2021-47180 CVE-2021-47181 CVE-2021-47183 CVE-2021-47185 CVE-2021-47189 CVE-2022-0487 CVE-2022-4744 CVE-2022-48626 CVE-2023-0160 CVE-2023-1192 CVE-2023-28746 CVE-2023-35827 CVE-2023-52454 CVE-2023-52469 CVE-2023-52470 CVE-2023-52474 CVE-2023-52476 CVE-2023-52477 CVE-2023-52500 CVE-2023-52509 CVE-2023-52572 CVE-2023-52583 CVE-2023-52590 CVE-2023-52591 CVE-2023-52607 CVE-2023-52628 CVE-2023-6270 CVE-2023-6356 CVE-2023-6531 CVE-2023-6535 CVE-2023-6536 CVE-2023-7042 CVE-2023-7192 CVE-2024-22099 CVE-2024-26600 CVE-2024-26614 CVE-2024-26642 CVE-2024-26704 CVE-2024-26733 |
CWE-ID | CWE-401 CWE-200 CWE-416 CWE-754 CWE-667 CWE-415 CWE-388 CWE-399 CWE-191 CWE-362 CWE-476 CWE-125 CWE-617 CWE-20 CWE-119 CWE-908 CWE-400 CWE-665 CWE-121 CWE-284 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #80 is available. |
Vulnerable software |
SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP2 Business Critical Linux Operating systems & Components / Operating system SUSE Linux Enterprise High Availability Extension 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP2 LTSS Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system SUSE Manager Server Operating systems & Components / Operating system SUSE Manager Retail Branch Server Operating systems & Components / Operating system SUSE Manager Proxy Operating systems & Components / Operating system reiserfs-kmp-default-debuginfo Operating systems & Components / Operating system package or component reiserfs-kmp-default Operating systems & Components / Operating system package or component kernel-docs Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-macros Operating systems & Components / Operating system package or component kernel-default-base Operating systems & Components / Operating system package or component kernel-preempt-debuginfo Operating systems & Components / Operating system package or component kernel-default-devel Operating systems & Components / Operating system package or component kernel-obs-build Operating systems & Components / Operating system package or component kernel-default-devel-debuginfo Operating systems & Components / Operating system package or component kernel-obs-build-debugsource Operating systems & Components / Operating system package or component kernel-preempt-devel Operating systems & Components / Operating system package or component kernel-syms Operating systems & Components / Operating system package or component kernel-preempt-debugsource Operating systems & Components / Operating system package or component kernel-preempt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-preempt Operating systems & Components / Operating system package or component cluster-md-kmp-default-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-default Operating systems & Components / Operating system package or component ocfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-default-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-default Operating systems & Components / Operating system package or component ocfs2-kmp-default Operating systems & Components / Operating system package or component gfs2-kmp-default Operating systems & Components / Operating system package or component kernel-default-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150200_24_188-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_47-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150200_24_188-default Operating systems & Components / Operating system package or component kernel-default-livepatch Operating systems & Components / Operating system package or component kernel-default-debuginfo Operating systems & Components / Operating system package or component kernel-default-livepatch-devel Operating systems & Components / Operating system package or component kernel-default Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 113 vulnerabilities.
EUVDB-ID: #VU89266
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-36780
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due reference leak when pm_runtime_get_sync fails within the sprd_i2c_master_xfer() and sprd_i2c_remove() function in drivers/i2c/busses/i2c-sprd.c. A local user can perform denial of service attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91404
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-36782
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the lpi2c_imx_master_enable() function in drivers/i2c/busses/i2c-imx-lpi2c.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91405
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-36783
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the img_i2c_xfer() and img_i2c_init() functions in drivers/i2c/busses/i2c-img-scb.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63657
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-23134
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in nfc sockets in the Linux Kernel. A local user with the CAP_NET_RAW capability can trigger use-after-free and escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92396
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46909
CWE-ID:
CWE-754 - Improper Check for Unusual or Exceptional Conditions
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper check for unusual or exceptional conditions error within the personal_server_map_irq() function in arch/arm/mach-footbridge/personal-pci.c, within the netwinder_map_irq() function in arch/arm/mach-footbridge/netwinder-pci.c, within the ebsa285_map_irq() function in arch/arm/mach-footbridge/ebsa285-pci.c, within the cats_no_swizzle() function in arch/arm/mach-footbridge/cats-pci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88214
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46921
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to improper locking within the queued_write_lock_slowpath() function in kernel/locking/qrwlock.c. A local user can crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90258
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46930
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mtu3_alloc_request() function in drivers/usb/mtu3/mtu3_gadget.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90901
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46938
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a double free error within the blk_mq_free_tag_set() and dm_mq_cleanup_mapped_device() functions in drivers/md/dm-rq.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90807
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46939
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the trace_clock_global() function in kernel/trace/trace_clock.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90962
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46943
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper error handling within the imgu_fmt() function in drivers/staging/media/ipu3/ipu3-v4l2.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90042
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46944
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imgu_fmt() function in drivers/staging/media/ipu3/ipu3-v4l2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93648
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46950
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper management of internal resources within the raid1_end_write_request() function in drivers/md/raid1.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91194
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46951
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to integer underflow within the tpm_read_log_efi() function in drivers/char/tpm/eventlog/efi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90256
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46958
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cleanup_transaction() function in fs/btrfs/transaction.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93847
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46960
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the smb2_get_enc_key() function in fs/cifs/smb2ops.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92949
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46961
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the gic_handle_irq() function in drivers/irqchip/irq-gic-v3.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90963
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46962
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the uniphier_sd_remove() function in drivers/mmc/host/uniphier-sd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93384
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46963
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the qla2xxx_mqueuecommand() function in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92050
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46971
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the SYSCALL_DEFINE5() function in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90641
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46981
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nbd_disconnect_and_put() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90355
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46984
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dd_request_merge() function in block/mq-deadline.c, within the kyber_limit_depth() function in block/kyber-iosched.c, within the __blk_mq_sched_bio_merge() function in block/blk-mq-sched.c, within the bfq_remove_request() function in block/bfq-iosched.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90916
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46988
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the shmem_mfill_atomic_pte() function in mm/shmem.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88890
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46990
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in arch/powerpc/lib/feature-fixups.c. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90251
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46991
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the i40e_client_subtask() function in drivers/net/ethernet/intel/i40e/i40e_client.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90354
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46992
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nft_rhash_destroy() function in net/netfilter/nft_set_hash.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91070
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46998
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the enic_queue_wq_skb_encap(), enic_queue_wq_skb() and enic_hard_start_xmit() functions in drivers/net/ethernet/cisco/enic/enic_main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91406
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47000
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the __fh_to_dentry() function in fs/ceph/export.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93626
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47006
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the breakpoint_handler() function in arch/arm/kernel/hw_breakpoint.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91068
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47013
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the emac_mac_tx_buf_send() function in drivers/net/ethernet/qualcomm/emac/emac-mac.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92947
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47015
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bnxt_rx_pkt() function in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90029
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47020
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sdw_stream_add_slave() function in drivers/soundwire/stream.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93209
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47034
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the early_map_kernel_page() and __map_kernel_page() functions in arch/powerpc/mm/pgtable-radix.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90648
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47045
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_issue_els_plogi() function in drivers/scsi/lpfc/lpfc_els.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90960
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47049
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the __vmbus_open() function in drivers/hv/channel.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91407
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47051
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the lpspi_prepare_xfer_hardware() function in drivers/spi/spi-fsl-lpspi.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91543
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47055
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mtdchar_ioctl() function in drivers/mtd/mtdchar.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93084
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47056
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the adf_probe() function in drivers/crypto/qat/qat_dh895xccvf/adf_drv.c, within the adf_probe() function in drivers/crypto/qat/qat_c62xvf/adf_drv.c, within the adf_probe() function in drivers/crypto/qat/qat_c3xxxvf/adf_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90031
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47058
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the regmap_debugfs_exit() function in drivers/base/regmap/regmap-debugfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90244
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47061
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kvm_io_bus_unregister_dev() function in virt/kvm/kvm_main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90243
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47063
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the panel_bridge_attach() function in drivers/gpu/drm/bridge/panel.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90352
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47065
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rtw_phy_load_tables(), rtw_get_channel_group() and rtw_get_tx_power_params() functions in drivers/net/wireless/realtek/rtw88/phy.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90245
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47068
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the llcp_sock_bind() and llcp_sock_connect() functions in net/nfc/llcp_sock.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92484
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47069
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error within the IPC implementation in Linux kernel. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90028
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47070
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hv_uio_probe() function in drivers/uio/uio_hv_generic.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90025
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47071
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hv_uio_probe() function in drivers/uio/uio_hv_generic.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93694
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47073
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the init_dell_smbios_wmi() function in drivers/platform/x86/dell-smbios-wmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90638
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47077
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qedf_update_link_speed() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89391
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47082
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in drivers/net/tun.c. A local user can trigger a double free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93625
Risk: Medium
CVSSv4.0: [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-47109
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the system when handling NUD_NOARP entries for IPv6. A remote attacker can fill up the neighbour table with enough entries that it will overflow for valid connections after that.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91208
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47110
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kvm_crash_shutdown() and kvmclock_init() functions in arch/x86/kernel/kvmclock.c, within the kvm_guest_cpu_offline() function in arch/x86/kernel/kvm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89259
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47112
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Teardown PV features implementation in arch/x86/kernel/kvm.c. A local user can trigger memory corruption and escalate privileges on the system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89257
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47114
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in fs/ocfs2/file.c. A local user can trigger memory corruption and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93162
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47117
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ext4_split_extent_at() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90225
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47118
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kernel_init_freeable() function in init/main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90018
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47119
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_fill_super() and kfree() functions in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90860
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47120
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the magicmouse_probe() function in drivers/hid/hid-magicmouse.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91402
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47138
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the clear_all_filters() function in drivers/net/ethernet/chelsio/cxgb4/cxgb4_filter.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91555
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47139
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the hns3_client_init() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90619
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47141
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gve_free_notify_blocks() function in drivers/net/ethernet/google/gve/gve_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90222
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47142
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the amdgpu_ttm_tt_unpopulate() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91652
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47144
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_fbdev_destroy() function in drivers/gpu/drm/amd/amdgpu/amdgpu_fb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92059
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47153
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the i801_check_post() function in drivers/i2c/busses/i2c-i801.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90953
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47161
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dspi_probe() function in drivers/spi/spi-fsl-dspi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90615
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47165
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the meson_probe_remote() function in drivers/gpu/drm/meson/meson_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93159
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47166
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nfs_pageio_doio() and nfs_do_recoalesce() functions in fs/nfs/pagelist.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93691
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47167
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nfs_pageio_do_add_request() function in fs/nfs/pagelist.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91205
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47168
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the filelayout_decode_layout() function in fs/nfs/filelayout/filelayout.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90616
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47169
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the RP_ID(), rp2_remove_ports(), rp2_fw_cb(), rp2_probe() and rp2_remove() functions in drivers/tty/serial/rp2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93401
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47170
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the proc_bulk() and proc_do_submiturb() functions in drivers/usb/core/devio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90011
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47171
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smsc75xx_bind() function in drivers/net/usb/smsc75xx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93405
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47172
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ad7124_of_parse_channel_config() function in drivers/iio/adc/ad7124.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90013
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47173
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the uss720_probe() function in drivers/usb/misc/uss720.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91366
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47177
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the alloc_iommu() function in drivers/iommu/dmar.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: before 5.3.18-150200.24.188.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel: before 5.3.18-150200.24.188.1
kernel-syms: before 5.3.18-150200.24.188.1
kernel-preempt-debugsource: before 5.3.18-150200.24.188.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.188.1
kernel-preempt: before 5.3.18-150200.24.188.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
cluster-md-kmp-default: before 5.3.18-150200.24.188.1
ocfs2-kmp-default: before 5.3.18-150200.24.188.1
gfs2-kmp-default: before 5.3.18-150200.24.188.1
kernel-default-debugsource: before 5.3.18-150200.24.188.1
kernel-livepatch-5_3_18-150200_24_188-default-debuginfo: before 1-150200.5.3.3
kernel-livepatch-SLE15-SP2_Update_47-debugsource: before 1-150200.5.3.3
kernel-livepatch-5_3_18-150200_24_188-default: before 1-150200.5.3.3
kernel-default-livepatch: before 5.3.18-150200.24.188.1
kernel-default-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.188.1
kernel-default: before 5.3.18-150200.24.188.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241454-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90617
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47179
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the _pnfs_return_layout() function in fs/nfs/pnfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.188.1
reiserfs-kmp-default: before 5.3.18-150200.24.188.1
kernel-docs: before 5.3.18-150200.24.188.1
kernel-source: before 5.3.18-150200.24.188.1
kernel-devel: before 5.3.18-150200.24.188.1
kernel-macros: before 5.3.18-150200.24.188.1
kernel-default-base: before 5.3.18-150200.24.188.1.150200.9.95.3
kernel-preempt-debuginfo: before 5.3.18-150200.24.188.1
kernel-default-devel: before 5.3.18-150200.24.188.1
kernel-obs-build: befo