| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 146 |
| CVE-ID | CVE-2021-46925 CVE-2021-46926 CVE-2021-46927 CVE-2021-46929 CVE-2021-46930 CVE-2021-46931 CVE-2021-46933 CVE-2021-46934 CVE-2021-46936 CVE-2021-47082 CVE-2021-47083 CVE-2021-47087 CVE-2021-47091 CVE-2021-47093 CVE-2021-47094 CVE-2021-47095 CVE-2021-47096 CVE-2021-47097 CVE-2021-47098 CVE-2021-47099 CVE-2021-47100 CVE-2021-47101 CVE-2021-47102 CVE-2021-47104 CVE-2021-47105 CVE-2021-47107 CVE-2021-47108 CVE-2022-4744 CVE-2022-48626 CVE-2022-48627 CVE-2022-48628 CVE-2022-48629 CVE-2022-48630 CVE-2023-0160 CVE-2023-28746 CVE-2023-35827 CVE-2023-52447 CVE-2023-52450 CVE-2023-52453 CVE-2023-52454 CVE-2023-52462 CVE-2023-52463 CVE-2023-52467 CVE-2023-52469 CVE-2023-52470 CVE-2023-52474 CVE-2023-52476 CVE-2023-52477 CVE-2023-52481 CVE-2023-52482 CVE-2023-52484 CVE-2023-52486 CVE-2023-52492 CVE-2023-52493 CVE-2023-52494 CVE-2023-52497 CVE-2023-52500 CVE-2023-52501 CVE-2023-52502 CVE-2023-52504 CVE-2023-52507 CVE-2023-52508 CVE-2023-52509 CVE-2023-52510 CVE-2023-52511 CVE-2023-52513 CVE-2023-52515 CVE-2023-52517 CVE-2023-52518 CVE-2023-52519 CVE-2023-52520 CVE-2023-52523 CVE-2023-52524 CVE-2023-52525 CVE-2023-52528 CVE-2023-52529 CVE-2023-52530 CVE-2023-52531 CVE-2023-52532 CVE-2023-52559 CVE-2023-52563 CVE-2023-52564 CVE-2023-52566 CVE-2023-52567 CVE-2023-52569 CVE-2023-52574 CVE-2023-52576 CVE-2023-52582 CVE-2023-52583 CVE-2023-52587 CVE-2023-52591 CVE-2023-52594 CVE-2023-52595 CVE-2023-52597 CVE-2023-52598 CVE-2023-52599 CVE-2023-52600 CVE-2023-52601 CVE-2023-52602 CVE-2023-52603 CVE-2023-52604 CVE-2023-52606 CVE-2023-52607 CVE-2023-52608 CVE-2023-52612 CVE-2023-52615 CVE-2023-52617 CVE-2023-52619 CVE-2023-52621 CVE-2023-52623 CVE-2023-52628 CVE-2023-52632 CVE-2023-52637 CVE-2023-52639 CVE-2023-6270 CVE-2023-6356 CVE-2023-6535 CVE-2023-6536 CVE-2023-7042 CVE-2023-7192 CVE-2024-0841 CVE-2024-2201 CVE-2024-22099 CVE-2024-23307 CVE-2024-25739 CVE-2024-25742 CVE-2024-26599 CVE-2024-26600 CVE-2024-26602 CVE-2024-26607 CVE-2024-26612 CVE-2024-26614 CVE-2024-26620 CVE-2024-26627 CVE-2024-26629 CVE-2024-26642 CVE-2024-26645 CVE-2024-26646 CVE-2024-26651 CVE-2024-26654 CVE-2024-26659 CVE-2024-26664 CVE-2024-26667 CVE-2024-26670 CVE-2024-26695 CVE-2024-26717 |
| CWE-ID | CWE-667 CWE-399 CWE-617 CWE-416 CWE-121 CWE-754 CWE-415 CWE-125 CWE-763 CWE-401 CWE-476 CWE-908 CWE-190 CWE-264 CWE-119 CWE-400 CWE-362 CWE-200 CWE-835 CWE-388 CWE-254 CWE-129 CWE-1037 CWE-94 CWE-20 CWE-284 CWE-682 CWE-252 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SUSE Linux Enterprise Micro Operating systems & Components / Operating system SUSE Real Time Module Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system kernel-rt_debug Operating systems & Components / Operating system package or component kernel-rt Operating systems & Components / Operating system package or component kernel-rt-extra Operating systems & Components / Operating system package or component ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-vdso Operating systems & Components / Operating system package or component kernel-rt-optional-debuginfo Operating systems & Components / Operating system package or component kselftests-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-vdso Operating systems & Components / Operating system package or component kernel-rt-livepatch-devel Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_47-rt Operating systems & Components / Operating system package or component reiserfs-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-livepatch-devel Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-vdso-debuginfo Operating systems & Components / Operating system package or component reiserfs-kmp-rt-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component kernel-rt-extra-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-optional Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component kselftests-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component kernel-rt-livepatch Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug-vdso-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 146 vulnerabilities.
EUVDB-ID: #VU92051
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46925
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smc_wr_is_tx_pend(), smc_wr_tx_process_cqe(), smc_wr_reg_send() and smc_wr_free_link() functions in net/smc/smc_wr.c, within the smc_ib_modify_qp_rts() function in net/smc/smc_ib.c, within the smc_conn_free(), smcr_link_clear(), smc_conn_kill(), smc_smcd_terminate_all(), smc_smcr_terminate_all(), smcr_link_down() and init_waitqueue_head() functions in net/smc/smc_core.c, within the smc_cdc_tx_handler(), smc_cdc_msg_send(), smcr_cdc_msg_send_validation() and smc_cdc_get_slot_and_msg_send() functions in net/smc/smc_cdc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89253
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46926
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the sdw_intel_acpi_cb() function in sound/hda/intel-sdw-acpi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90917
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46927
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the ne_set_user_memory_region_ioctl() function in drivers/virt/nitro_enclaves/ne_misc_dev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90257
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46929
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sctp_transport_lookup_process() and sctp_transport_get_idx() functions in net/sctp/socket.c, within the sctp_sock_dump() and sctp_sock_filter() functions in net/sctp/sctp_diag.c, within the sctp_endpoint_free() and sctp_endpoint_destroy() functions in net/sctp/endpointola.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90258
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46930
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mtu3_alloc_request() function in drivers/usb/mtu3/mtu3_gadget.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91303
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46931
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to stack overflow within the mlx5e_tx_reporter_dump_sq() and mlx5e_reporter_tx_timeout() functions in drivers/net/ethernet/mellanox/mlx5/core/en/reporter_tx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90259
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46933
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ffs_data_clear() and ffs_data_reset() functions in drivers/usb/gadget/function/f_fs.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89264
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46934
CWE-ID:
CWE-754 - Improper Check for Unusual or Exceptional Conditions
Exploit availability: No
DescriptionThe vulnerability allows a local user to produce warnings from the userspace.
The vulnerability exists due to improper error handling within the compat_i2cdev_ioctl() function in drivers/i2c/i2c-dev.c. A local user can pass specially crafted data to the driver and influence its behavior.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88892
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-46936
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the inet_init() function in net/ipv4/af_inet.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89391
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47082
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in drivers/net/tun.c. A local user can trigger a double free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90346
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47083
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mtk_xt_get_gpio_n() function in drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93003
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47087
CWE-ID:
CWE-763 - Release of invalid pointer or reference
Exploit availability: No
DescriptionThe vulnerability allows a local user to modify data on the system.
The vulnerability exists due to performance of perform __free_pages(page, order) using this pointer as we would free any arbitrary pages. A local user can modify data on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90913
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47091
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the ieee80211_start_ap() function in net/mac80211/cfg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90478
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47093
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pmc_core_platform_init() function in drivers/platform/x86/intel_pmc_core_pltdrv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88107
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47094
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in arch/x86/kvm/mmu/tdp_iter.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90633
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47095
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ssif_probe() function in drivers/char/ipmi/ipmi_ssif.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91681
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47096
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the snd_rawmidi_open() function in sound/core/rawmidi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90344
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47097
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the elantech_change_report_id() function in drivers/input/mouse/elantech.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91181
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47098
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the lm90_set_temphyst() function in drivers/hwmon/lm90.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88856
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47099
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a missing security check within the veth_xdp_rcv() function in drivers/net/veth.c. A local user can gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90233
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47100
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cleanup_bmc_device() function in drivers/char/ipmi/ipmi_msghandler.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90882
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47101
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the asix_check_host_enable() function in drivers/net/usb/asix_common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90345
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47102
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the prestera_netdev_port_event() function in drivers/net/ethernet/marvell/prestera/prestera_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90019
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47104
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qib_user_sdma_queue_pkts() function in drivers/infiniband/hw/qib/qib_user_sdma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91655
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47105
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ice_xsk_any_rx_ring_ena() function in drivers/net/ethernet/intel/ice/ice_xsk.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91316
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47107
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nfsd_proc_rmdir() and nfsd_init_dirlist_pages() functions in fs/nfsd/nfsproc.c, within the nfsd3_proc_link() and nfsd3_init_dirlist_pages() functions in fs/nfsd/nfs3proc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90632
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47108
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_hdmi_bridge_mode_valid() function in drivers/gpu/drm/mediatek/mtk_hdmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU74053
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-4744
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the tun_free_netdev() function in the Linux kernel’s TUN/TAP device driver. A local user can trigger a double free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90261
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48626
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the moxart_remove() function in drivers/mmc/host/moxart-mmc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92194
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48627
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93383
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48628
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the __inc_stopping_blocker() function in fs/ceph/super.c, within the ceph_handle_snap() and up_write() functions in fs/ceph/snap.c, within the ceph_handle_quota() function in fs/ceph/quota.c, within the handle_lease(), mutex_unlock() and ceph_mdsc_init() functions in fs/ceph/mds_client.c, within the ceph_handle_caps() and iput() functions in fs/ceph/caps.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93004
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48629
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A local user can gain unauthorized access to sensitive information on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91418
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48630
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the qcom_rng_read() function in drivers/crypto/qcom-rng.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90810
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-0160
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU87457
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-28746
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors. A local user can gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82758
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-35827
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ravb_remove in drivers/net/ethernet/renesas/ravb_main.c. A local authenticated user can trigger a use-after-free error and escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU87740
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52447
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in
bpf. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90661
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52450
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the discover_upi_topology() function in arch/x86/events/intel/uncore_snbep.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93167
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52453
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the hisi_acc_vf_resume_write() and hisi_acc_vf_save_read() functions in drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89244
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52454
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_build_pdu_iovec() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89237
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52462
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to crash the kernel.
The vulnerability exists due to a boundary error within the check_stack_write_fixed_off() function in kernel/bpf/verifier.c. A local user can trigger memory corruption and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90660
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52463
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efivarfs_get_tree() function in fs/efivarfs/super.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89236
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52467
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the of_syscon_register() function in drivers/mfd/syscon.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89235
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52469
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kv_parse_power_table() function in drivers/gpu/drm/amd/amdgpu/kv_dpm.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92074
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52470
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the radeon_crtc_init() function in drivers/gpu/drm/radeon/radeon_display.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92053
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52474
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the build_vnic_ulp_payload() function in drivers/infiniband/hw/hfi1/vnic_sdma.c, within the build_verbs_tx_desc() function in drivers/infiniband/hw/hfi1/verbs.c, within the user_sdma_send_pkts(), add_system_pages_to_sdma_packet(), hfi1_user_sdma_process_request(), user_sdma_txadd_ahg(), sdma_cache_evict(), user_sdma_txreq_cb(), pq_update(), user_sdma_free_request(), set_comp_state() and sdma_rb_remove() functions in drivers/infiniband/hw/hfi1/user_sdma.c, within the sdma_unmap_desc(), ext_coal_sdma_tx_descs() and _pad_sdma_tx_descs() functions in drivers/infiniband/hw/hfi1/sdma.c, within the hfi1_mmu_rb_insert(), hfi1_mmu_rb_get_first(), __mmu_rb_search() and hfi1_mmu_rb_evict() functions in drivers/infiniband/hw/hfi1/mmu_rb.c, within the hfi1_ipoib_build_ulp_payload() function in drivers/infiniband/hw/hfi1/ipoib_tx.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88821
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52476
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the branch_type() and get_branch_type() functions in arch/x86/events/utils.c. A local user can trigger an out-of-bounds read error and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89393
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52477
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to usage of uninitialized BOS descriptors in drivers/usb/core/hub.c. A local user can perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91368
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52481
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the ERRATA_MIDR_REV_RANGE() function in arch/arm64/kernel/cpu_errata.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91302
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52482
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to stack overflow within the VULNBL_AMD() function in arch/x86/kernel/cpu/common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89252
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52484
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the arm_smmu_free_shared_cd() function in drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90801
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52486
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/gpu/drm/drm_plane.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90626
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52492
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/dma/dmaengine.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91537
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52493
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the parse_xfer_event() function in drivers/bus/mhi/host/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91209
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52494
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the mhi_del_ring_element() function in drivers/bus/mhi/host/main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93097
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52497
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack and modify data on the system,.
The vulnerability exists due to application does not properly control consumption of internal resources. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack and modify data on the system,.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91657
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52500
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mpi_set_controller_config_resp() function in drivers/scsi/pm8001/pm80xx_hwi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93098
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52501
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A local user can gain unauthorized access to sensitive information on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU88106
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52502
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() functions in net/nfc/llcp_core.c. A local user can exploit the race and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90347
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52504
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the apply_alternatives() function in arch/x86/kernel/alternative.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90350
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52507
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nci_activate_target() function in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90634
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52508
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nvme_fc_io_getuuid() function in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89255
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52509
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user can escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ravb_close() function in drivers/net/ethernet/renesas/ravb_main.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90235
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52510
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ca8210_register_ext_clock() and ca8210_unregister_ext_clock() functions in drivers/net/ieee802154/ca8210.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93001
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52511
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91242
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52513
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the siw_accept_newconn(), siw_cm_work_handler() and siw_cm_llp_data_ready() functions in drivers/infiniband/sw/siw/siw_cm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90236
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52515
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the srp_abort() function in drivers/infiniband/ulp/srp/ib_srp.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91487
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52517
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the sun6i_spi_max_transfer_size(), sun6i_spi_prepare_dma(), sun6i_spi_transfer_one(), sun6i_spi_handler() and sun6i_spi_probe() functions in drivers/spi/spi-sun6i.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90023
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52518
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hci_dev_close_sync() function in net/bluetooth/hci_sync.c, within the hci_release_dev() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90348
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52519
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the enable_gpe() function in drivers/hid/intel-ish-hid/ipc/pci-ish.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91656
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52520
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tlmi_release_attr() and tlmi_sysfs_init() functions in drivers/platform/x86/think-lmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90635
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52523
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the BPF_CALL_4() function in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-d