SUSE update for the Linux Kernel



Risk: Medium
Patch available: YES
Number of vulnerabilities: 218
CVE-ID: CVE-2021-47047
CVE-2021-47181
CVE-2021-47182
CVE-2021-47183
CVE-2021-47184
CVE-2021-47185
CVE-2021-47187
CVE-2021-47188
CVE-2021-47189
CVE-2021-47191
CVE-2021-47192
CVE-2021-47193
CVE-2021-47194
CVE-2021-47195
CVE-2021-47196
CVE-2021-47197
CVE-2021-47198
CVE-2021-47199
CVE-2021-47200
CVE-2021-47201
CVE-2021-47202
CVE-2021-47203
CVE-2021-47204
CVE-2021-47205
CVE-2021-47206
CVE-2021-47207
CVE-2021-47209
CVE-2021-47210
CVE-2021-47211
CVE-2021-47212
CVE-2021-47214
CVE-2021-47215
CVE-2021-47216
CVE-2021-47217
CVE-2021-47218
CVE-2021-47219
CVE-2022-48631
CVE-2022-48632
CVE-2022-48634
CVE-2022-48636
CVE-2022-48637
CVE-2022-48638
CVE-2022-48639
CVE-2022-48640
CVE-2022-48642
CVE-2022-48644
CVE-2022-48646
CVE-2022-48647
CVE-2022-48648
CVE-2022-48650
CVE-2022-48651
CVE-2022-48652
CVE-2022-48653
CVE-2022-48654
CVE-2022-48655
CVE-2022-48656
CVE-2022-48657
CVE-2022-48658
CVE-2022-48659
CVE-2022-48660
CVE-2022-48662
CVE-2022-48663
CVE-2022-48667
CVE-2022-48668
CVE-2022-48671
CVE-2022-48672
CVE-2022-48673
CVE-2022-48675
CVE-2022-48686
CVE-2022-48687
CVE-2022-48688
CVE-2022-48690
CVE-2022-48692
CVE-2022-48693
CVE-2022-48694
CVE-2022-48695
CVE-2022-48697
CVE-2022-48698
CVE-2022-48700
CVE-2022-48701
CVE-2022-48702
CVE-2022-48703
CVE-2022-48704
CVE-2023-2860
CVE-2023-52488
CVE-2023-52503
CVE-2023-52561
CVE-2023-52585
CVE-2023-52589
CVE-2023-52590
CVE-2023-52591
CVE-2023-52593
CVE-2023-52614
CVE-2023-52616
CVE-2023-52620
CVE-2023-52627
CVE-2023-52635
CVE-2023-52636
CVE-2023-52645
CVE-2023-52652
CVE-2023-6270
CVE-2024-0639
CVE-2024-0841
CVE-2024-22099
CVE-2024-23307
CVE-2024-23848
CVE-2024-23850
CVE-2024-26601
CVE-2024-26610
CVE-2024-26656
CVE-2024-26660
CVE-2024-26671
CVE-2024-26673
CVE-2024-26675
CVE-2024-26680
CVE-2024-26681
CVE-2024-26684
CVE-2024-26685
CVE-2024-26687
CVE-2024-26688
CVE-2024-26689
CVE-2024-26696
CVE-2024-26697
CVE-2024-26702
CVE-2024-26704
CVE-2024-26718
CVE-2024-26722
CVE-2024-26727
CVE-2024-26733
CVE-2024-26736
CVE-2024-26737
CVE-2024-26739
CVE-2024-26743
CVE-2024-26744
CVE-2024-26745
CVE-2024-26747
CVE-2024-26749
CVE-2024-26751
CVE-2024-26754
CVE-2024-26760
CVE-2024-26763
CVE-2024-26764
CVE-2024-26766
CVE-2024-26769
CVE-2024-26771
CVE-2024-26772
CVE-2024-26773
CVE-2024-26776
CVE-2024-26779
CVE-2024-26783
CVE-2024-26787
CVE-2024-26790
CVE-2024-26792
CVE-2024-26793
CVE-2024-26798
CVE-2024-26805
CVE-2024-26807
CVE-2024-26816
CVE-2024-26817
CVE-2024-26820
CVE-2024-26825
CVE-2024-26830
CVE-2024-26833
CVE-2024-26836
CVE-2024-26843
CVE-2024-26848
CVE-2024-26852
CVE-2024-26853
CVE-2024-26855
CVE-2024-26856
CVE-2024-26857
CVE-2024-26861
CVE-2024-26862
CVE-2024-26866
CVE-2024-26872
CVE-2024-26875
CVE-2024-26878
CVE-2024-26879
CVE-2024-26881
CVE-2024-26882
CVE-2024-26883
CVE-2024-26884
CVE-2024-26885
CVE-2024-26891
CVE-2024-26893
CVE-2024-26895
CVE-2024-26896
CVE-2024-26897
CVE-2024-26898
CVE-2024-26901
CVE-2024-26903
CVE-2024-26917
CVE-2024-26927
CVE-2024-26948
CVE-2024-26950
CVE-2024-26951
CVE-2024-26955
CVE-2024-26956
CVE-2024-26960
CVE-2024-26965
CVE-2024-26966
CVE-2024-26969
CVE-2024-26970
CVE-2024-26972
CVE-2024-26981
CVE-2024-26982
CVE-2024-26993
CVE-2024-27013
CVE-2024-27014
CVE-2024-27030
CVE-2024-27038
CVE-2024-27039
CVE-2024-27041
CVE-2024-27043
CVE-2024-27046
CVE-2024-27056
CVE-2024-27062
CVE-2024-27389
CWE-ID: CWE-119
CWE-476
CWE-667
CWE-399
CWE-362
CWE-125
CWE-371
CWE-401
CWE-665
CWE-416
CWE-20
CWE-388
CWE-121
CWE-200
CWE-193
CWE-284
CWE-190
CWE-617
CWE-415
CWE-835
CWE-908
CWE-366
CWE-191
Exploitation vector: Local network
Public exploit: N/A
Vulnerable software
SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

SUSE Real Time Module
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

kernel-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-devel
Operating systems & Components / Operating system package or component

kernel-syms-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-extra
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-optional
Operating systems & Components / Operating system package or component

kernel-rt_debug-debugsource
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso
Operating systems & Components / Operating system package or component

dlm-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-rt
Operating systems & Components / Operating system package or component

gfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150500_13_52-rt
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt
Operating systems & Components / Operating system package or component

kselftests-kmp-rt
Operating systems & Components / Operating system package or component

dlm-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-livepatch
Operating systems & Components / Operating system package or component

kernel-rt-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-vdso-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-debugsource
Operating systems & Components / Operating system package or component

kernel-rt-vdso
Operating systems & Components / Operating system package or component

kernel-rt-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-livepatch-devel
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt
Operating systems & Components / Operating system package or component

kselftests-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-source-rt
Operating systems & Components / Operating system package or component

kernel-devel-rt
Operating systems & Components / Operating system package or component

Vendor: SUSE

Security Bulletin

This security bulletin contains information about 218 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU93669

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47047

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the zynqmp_qspi_irq(), zynqmp_qspi_setuprxdma(), zynqmp_qspi_write_op(), zynqmp_qspi_exec_op() and zynqmp_qspi_probe() functions in drivers/spi/spi-zynqmp-gqspi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) NULL pointer dereference

EUVDB-ID: #VU92071

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47181

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the tusb_musb_init() function in drivers/usb/musb/tusb6010.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Buffer overflow

EUVDB-ID: #VU89395

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47182

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the scsi_mode_sense() function in drivers/scsi/scsi_lib.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU90586

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47183

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the lpfc_sli_issue_abort_iotag() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) NULL pointer dereference

EUVDB-ID: #VU90587

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47184

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i40e_sync_filters_subtask() and i40e_vsi_release() functions in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Improper locking

EUVDB-ID: #VU91528

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47185

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the flush_to_ldisc() function in drivers/tty/tty_buffer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper locking

EUVDB-ID: #VU91527

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47187

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within arch/arm64/boot/dts/qcom/msm8998.dtsi. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Resource management error

EUVDB-ID: #VU93843

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47188

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the ufshcd_abort() function in drivers/scsi/ufs/ufshcd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Race condition

EUVDB-ID: #VU93380

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47189

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the run_ordered_work() and normal_work_helper() functions in fs/btrfs/async-thread.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds read

EUVDB-ID: #VU90325

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47191

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the resp_readcap16() function in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) State Issues

EUVDB-ID: #VU89240

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47192

CWE-ID: CWE-371 - State Issues

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an error during iSCSI recovery within the store_state_field() function in drivers/scsi/scsi_sysfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Memory leak

EUVDB-ID: #VU90008

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47193

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the pm8001_init_ccb_tag(), pm8001_pci_remove() and remove() functions in drivers/scsi/pm8001/pm8001_init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Improper initialization

EUVDB-ID: #VU92392

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47194

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an improper initialization error within the cfg80211_change_iface() function in net/wireless/util.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU90204

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47195

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the spi_unregister_controller() function in drivers/spi/spi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU90203

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47196

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the create_qp() function in drivers/infiniband/core/verbs.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) NULL pointer dereference

EUVDB-ID: #VU93057

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47197

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the mlx5_debug_cq_remove() function in drivers/net/ethernet/mellanox/mlx5/core/debugfs.c and the mlx5_core_destroy_cq() function in drivers/net/ethernet/mellanox/mlx5/core/cq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU90208

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47198

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the lpfc_mbx_cmpl_fc_reg_login() function in drivers/scsi/lpfc/lpfc_hbadisc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Memory leak

EUVDB-ID: #VU90476

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47199

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the parse_tc_nic_actions() and parse_tc_fdb_actions() functions in drivers/net/ethernet/mellanox/mlx5/core/en_tc.c, and within the mlx5_tc_ct_match_add(), mlx5_tc_ct_parse_action() and __mlx5_tc_ct_flow_offload_clear() functions in drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU90206

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47200

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_gem_prime_mmap() function in drivers/gpu/drm/drm_prime.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Resource management error

EUVDB-ID: #VU92971

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47201

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the iavf_disable_vf() function in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) NULL pointer dereference

EUVDB-ID: #VU90582

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47202

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the of_thermal_get_temp(), of_thermal_set_emul_temp(), of_thermal_get_trend() and of_thermal_set_trip_temp() functions in drivers/thermal/of-thermal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Buffer overflow

EUVDB-ID: #VU93156

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47203

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the lpfc_drain_txq() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use-after-free

EUVDB-ID: #VU90205

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47204

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dpaa2_eth_remove() function in drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Memory leak

EUVDB-ID: #VU90007

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47205

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the following functions:

DEFINE_SPINLOCK() and devm_sunxi_ccu_release() in drivers/clk/sunxi-ng/ccu_common.c

suniv_f1c100s_ccu_setup() in drivers/clk/sunxi-ng/ccu-suniv-f1c100s.c

sun9i_a80_ccu_probe() in drivers/clk/sunxi-ng/ccu-sun9i-a80.c

sun9i_a80_usb_clk_probe() in drivers/clk/sunxi-ng/ccu-sun9i-a80-usb.c

sun9i_a80_de_clk_probe() in drivers/clk/sunxi-ng/ccu-sun9i-a80-de.c

sun8i_v3_v3s_ccu_init() in drivers/clk/sunxi-ng/ccu-sun8i-v3s.c

sun8i_r40_ccu_probe() in drivers/clk/sunxi-ng/ccu-sun8i-r40.c

sunxi_h3_h5_ccu_init() in drivers/clk/sunxi-ng/ccu-sun8i-h3.c

sunxi_de2_clk_probe() in drivers/clk/sunxi-ng/ccu-sun8i-de2.c

sun8i_a83t_ccu_probe() in drivers/clk/sunxi-ng/ccu-sun8i-a83t.c

sun8i_a33_ccu_setup() and ccu_pll_notifier_register() in drivers/clk/sunxi-ng/ccu-sun8i-a33.c

sun8i_a23_ccu_setup() in drivers/clk/sunxi-ng/ccu-sun8i-a23.c

sun6i_a31_ccu_setup() in drivers/clk/sunxi-ng/ccu-sun6i-a31.c

sun5i_ccu_init() in drivers/clk/sunxi-ng/ccu-sun5i.c

sun50i_h616_ccu_setup() in drivers/clk/sunxi-ng/ccu-sun50i-h616.c

sun50i_h6_ccu_probe() in drivers/clk/sunxi-ng/ccu-sun50i-h6.c

sunxi_r_ccu_init() in drivers/clk/sunxi-ng/ccu-sun50i-h6-r.c

sun50i_a64_ccu_probe() in drivers/clk/sunxi-ng/ccu-sun50i-a64.c

sun50i_a100_ccu_probe() in drivers/clk/sunxi-ng/ccu-sun50i-a100.c

sun50i_a100_r_ccu_probe() in drivers/clk/sunxi-ng/ccu-sun50i-a100-r.c

sun4i_ccu_init() and sunxi_ccu_probe() in drivers/clk/sunxi-ng/ccu-sun4i-a10.c

A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) NULL pointer dereference

EUVDB-ID: #VU92072

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47206

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the ohci_hcd_tmio_drv_probe() function in drivers/usb/host/ohci-tmio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) NULL pointer dereference

EUVDB-ID: #VU90583

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47207

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the snd_gf1_dma_interrupt() function in sound/isa/gus/gus_dma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free

EUVDB-ID: #VU90207

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47209

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rq_of_rt_se() and rt_rq_of_se() functions in kernel/sched/rt.c, within the free_fair_sched_group() and unregister_fair_sched_group() functions in kernel/sched/fair.c, within the sched_free_group(), sched_online_group(), cpu_cgroup_css_released() and cpu_cgroup_css_free() functions in kernel/sched/core.c, and within the autogroup_destroy() function in kernel/sched/autogroup.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Input validation error

EUVDB-ID: #VU93688

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47210

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the tps6598x_block_read() function in drivers/usb/typec/tps6598x.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) NULL pointer dereference

EUVDB-ID: #VU89394

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47211

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the snd_usb_set_sample_rate_v2v3() function in sound/usb/clock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Error Handling

EUVDB-ID: #VU89241

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47212

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect error handling within the mlx5_internal_err_ret_value() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Memory leak

EUVDB-ID: #VU91649

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47214

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the hugetlb_mcopy_atomic_pte() function in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Buffer overflow

EUVDB-ID: #VU93157

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47215

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the DECLARE_BITMAP(), resync_handle_seq_match(), mlx5e_ktls_add_rx() and mlx5e_ktls_rx_handle_resync_list() functions in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_rx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Memory leak

EUVDB-ID: #VU91648

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47216

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the asc_prt_adv_board_info() function in drivers/scsi/advansys.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) NULL pointer dereference

EUVDB-ID: #VU90584

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47217

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the set_hv_tscchange_cb() function in arch/x86/hyperv/hv_init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) NULL pointer dereference

EUVDB-ID: #VU90585

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47218

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the hashtab_compute_size() function in security/selinux/ss/hashtab.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Out-of-bounds read

EUVDB-ID: #VU90324

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47219

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the resp_report_tgtpgs() function in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Improper locking

EUVDB-ID: #VU92033

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48631

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __ext4_ext_check() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Stack-based buffer overflow

EUVDB-ID: #VU91299

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48632

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a stack overflow within the mlxbf_i2c_smbus_start_transaction() function in drivers/i2c/busses/i2c-mlxbf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Improper locking

EUVDB-ID: #VU91451

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48634

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the gma_crtc_page_flip() function in drivers/gpu/drm/gma500/gma_display.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Resource management error

EUVDB-ID: #VU92987

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48636

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the dasd_alias_remove_device() and dasd_alias_get_start_dev() functions in drivers/s390/block/dasd_alias.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Use-after-free

EUVDB-ID: #VU90189

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48637

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bnxt_tx_int() function in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Input validation error

EUVDB-ID: #VU93687

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48638

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the cgroup_get_from_id() function in kernel/cgroup/cgroup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Information disclosure

EUVDB-ID: #VU91361

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48639

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within net/sched/cls_api.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) NULL pointer dereference

EUVDB-ID: #VU91238

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48640

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the bond_open() and bond_init() functions in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Memory leak

EUVDB-ID: #VU89996

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48642

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the nf_tables_addchain() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Improper locking

EUVDB-ID: #VU91452

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48644

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the taprio_enable_offload() and taprio_disable_offload() functions in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) NULL pointer dereference

EUVDB-ID: #VU90565

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48646

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the efx_siena_hard_start_xmit() function in drivers/net/ethernet/sfc/siena/tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) NULL pointer dereference

EUVDB-ID: #VU90564

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48647

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the efx_probe_interrupts() function in drivers/net/ethernet/sfc/efx_channels.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) NULL pointer dereference

EUVDB-ID: #VU90566

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48648

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the efx_hard_start_xmit() function in drivers/net/ethernet/sfc/tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Memory leak

EUVDB-ID: #VU89997

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48650

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the __qlt_24xx_handle_abts() function in drivers/scsi/qla2xxx/qla_target.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Out-of-bounds read

EUVDB-ID: #VU89680

Risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-48651

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in drivers/net/ipvlan/ipvlan_core.c. A remote attacker on the local network can send specially crafted packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Race condition

EUVDB-ID: #VU93379

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48652

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the ice_set_dflt_vsi_ctx(), ice_vsi_setup_q_map(), ice_vsi_setup_q_map_mqprio() and ice_vsi_cfg_tc() functions in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Improper locking

EUVDB-ID: #VU92032

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48653

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ice_schedule_reset() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Memory leak

EUVDB-ID: #VU91645

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48654

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a memory leak within the nf_osf_find() function in net/netfilter/nfnetlink_osf.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Out-of-bounds read

EUVDB-ID: #VU91400

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48655

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an out-of-bounds read error within the scmi_domain_reset() function in drivers/firmware/arm_scmi/reset.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Information disclosure

EUVDB-ID: #VU91362

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48656

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to information disclosure within the of_xudma_dev_get() function in drivers/dma/ti/k3-udma-private.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Buffer overflow

EUVDB-ID: #VU91438

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48657

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to memory corruption within the validate_cpu_freq_invariance_counters() function in arch/arm64/kernel/topology.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Resource management error

EUVDB-ID: #VU93199

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48658

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to a resource management error within the stat(), flush_all_cpus_locked() and kmem_cache_init() functions in mm/slub.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Buffer overflow

EUVDB-ID: #VU93399

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48659

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the create_unique_id() and sysfs_slab_add() functions in mm/slub.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Resource management error

EUVDB-ID: #VU93198

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48660

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the lineevent_create() function in drivers/gpio/gpiolib-cdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Resource management error

EUVDB-ID: #VU93197

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48662

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to a resource management error within the i915_gem_context_release() and context_close() functions in drivers/gpu/drm/i915/gem/i915_gem_context.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) NULL pointer dereference

EUVDB-ID: #VU90567

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48663

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the gpio_mockup_init() function in drivers/gpio/gpio-mockup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Resource management error

EUVDB-ID: #VU93644

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48667

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to improper management of internal resources within the smb3_insert_range() function in fs/cifs/smb2ops.c. A local user can corrupt data.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Resource management error

EUVDB-ID: #VU93645

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48668

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to improper management of internal resources within the smb3_collapse_range() function in fs/cifs/smb2ops.c. A local user can corrupt data.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Improper locking

EUVDB-ID: #VU90763

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48671

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cgroup_attach_task_all() function in kernel/cgroup/cgroup-v1.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Off-by-one

EUVDB-ID: #VU91174

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48672

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an off-by-one error within the unflatten_dt_nodes() function in drivers/of/fdt.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Improper locking

EUVDB-ID: #VU92028

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48673

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the smc_wr_rx_process_cqes(), smc_wr_free_link() and smc_wr_create_link() functions in net/smc/smc_wr.c and within the smcr_link_init() function in net/smc/smc_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Improper locking

EUVDB-ID: #VU90762

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48675

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mmput_async() function in kernel/fork.c and within the mutex_unlock() function in drivers/infiniband/core/umem_odp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Use-after-free

EUVDB-ID: #VU90175

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48686

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nvme_tcp_io_work() function in drivers/nvme/host/tcp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Out-of-bounds read

EUVDB-ID: #VU90314

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48687

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an out-of-bounds read error within the seg6_genl_sethmac() function in net/ipv6/seg6.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) NULL pointer dereference

EUVDB-ID: #VU90515

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48688

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the i40e_notify_client_of_netdev_close() and i40e_client_subtask() functions in drivers/net/ethernet/intel/i40e/i40e_client.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-devel: before 5.14.21-150500.13.52.1

kernel-syms-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-optional: before 5.14.21-150500.13.52.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-devel: before 5.14.21-150500.13.52.1

ocfs2-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1

gfs2-kmp-rt: before 5.14.21-150500.13.52.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1

reiserfs-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt: before 5.14.21-150500.13.52.1

dlm-kmp-rt: before 5.14.21-150500.13.52.1

kernel-rt-livepatch: before 5.14.21-150500.13.52.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debugsource: before 5.14.21-150500.13.52.1

kernel-rt-vdso: before 5.14.21-150500.13.52.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-debuginfo: before 5.14.21-150500.13.52.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1

cluster-md-kmp-rt: before 5.14.21-150500.13.52.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1

kernel-source-rt: before 5.14.21-150500.13.52.1

kernel-devel-rt: before 5.14.21-150500.13.52.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Memory leak

EUVDB-ID: #VU91642

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48690

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the ice_qp_dis(), ice_xsk_pool_enable() and ice_xsk_pool_setup() functions in drivers/net/ethernet/intel/ice/ice_xsk.c, within the ice_xdp_setup_prog() function in drivers/net/ethernet/intel/ice/ice_main.c, and within the ice_alloc_rx_buf_zc() and ice_vsi_cfg_rxq() functions in drivers/net/ethernet/intel/ice/ice_base.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enter