Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 218 |
CVE-ID | CVE-2021-47047 CVE-2021-47181 CVE-2021-47182 CVE-2021-47183 CVE-2021-47184 CVE-2021-47185 CVE-2021-47187 CVE-2021-47188 CVE-2021-47189 CVE-2021-47191 CVE-2021-47192 CVE-2021-47193 CVE-2021-47194 CVE-2021-47195 CVE-2021-47196 CVE-2021-47197 CVE-2021-47198 CVE-2021-47199 CVE-2021-47200 CVE-2021-47201 CVE-2021-47202 CVE-2021-47203 CVE-2021-47204 CVE-2021-47205 CVE-2021-47206 CVE-2021-47207 CVE-2021-47209 CVE-2021-47210 CVE-2021-47211 CVE-2021-47212 CVE-2021-47214 CVE-2021-47215 CVE-2021-47216 CVE-2021-47217 CVE-2021-47218 CVE-2021-47219 CVE-2022-48631 CVE-2022-48632 CVE-2022-48634 CVE-2022-48636 CVE-2022-48637 CVE-2022-48638 CVE-2022-48639 CVE-2022-48640 CVE-2022-48642 CVE-2022-48644 CVE-2022-48646 CVE-2022-48647 CVE-2022-48648 CVE-2022-48650 CVE-2022-48651 CVE-2022-48652 CVE-2022-48653 CVE-2022-48654 CVE-2022-48655 CVE-2022-48656 CVE-2022-48657 CVE-2022-48658 CVE-2022-48659 CVE-2022-48660 CVE-2022-48662 CVE-2022-48663 CVE-2022-48667 CVE-2022-48668 CVE-2022-48671 CVE-2022-48672 CVE-2022-48673 CVE-2022-48675 CVE-2022-48686 CVE-2022-48687 CVE-2022-48688 CVE-2022-48690 CVE-2022-48692 CVE-2022-48693 CVE-2022-48694 CVE-2022-48695 CVE-2022-48697 CVE-2022-48698 CVE-2022-48700 CVE-2022-48701 CVE-2022-48702 CVE-2022-48703 CVE-2022-48704 CVE-2023-2860 CVE-2023-52488 CVE-2023-52503 CVE-2023-52561 CVE-2023-52585 CVE-2023-52589 CVE-2023-52590 CVE-2023-52591 CVE-2023-52593 CVE-2023-52614 CVE-2023-52616 CVE-2023-52620 CVE-2023-52627 CVE-2023-52635 CVE-2023-52636 CVE-2023-52645 CVE-2023-52652 CVE-2023-6270 CVE-2024-0639 CVE-2024-0841 CVE-2024-22099 CVE-2024-23307 CVE-2024-23848 CVE-2024-23850 CVE-2024-26601 CVE-2024-26610 CVE-2024-26656 CVE-2024-26660 CVE-2024-26671 CVE-2024-26673 CVE-2024-26675 CVE-2024-26680 CVE-2024-26681 CVE-2024-26684 CVE-2024-26685 CVE-2024-26687 CVE-2024-26688 CVE-2024-26689 CVE-2024-26696 CVE-2024-26697 CVE-2024-26702 CVE-2024-26704 CVE-2024-26718 CVE-2024-26722 CVE-2024-26727 CVE-2024-26733 CVE-2024-26736 CVE-2024-26737 CVE-2024-26739 CVE-2024-26743 CVE-2024-26744 CVE-2024-26745 CVE-2024-26747 CVE-2024-26749 CVE-2024-26751 CVE-2024-26754 CVE-2024-26760 CVE-2024-26763 CVE-2024-26764 CVE-2024-26766 CVE-2024-26769 CVE-2024-26771 CVE-2024-26772 CVE-2024-26773 CVE-2024-26776 CVE-2024-26779 CVE-2024-26783 CVE-2024-26787 CVE-2024-26790 CVE-2024-26792 CVE-2024-26793 CVE-2024-26798 CVE-2024-26805 CVE-2024-26807 CVE-2024-26816 CVE-2024-26817 CVE-2024-26820 CVE-2024-26825 CVE-2024-26830 CVE-2024-26833 CVE-2024-26836 CVE-2024-26843 CVE-2024-26848 CVE-2024-26852 CVE-2024-26853 CVE-2024-26855 CVE-2024-26856 CVE-2024-26857 CVE-2024-26861 CVE-2024-26862 CVE-2024-26866 CVE-2024-26872 CVE-2024-26875 CVE-2024-26878 CVE-2024-26879 CVE-2024-26881 CVE-2024-26882 CVE-2024-26883 CVE-2024-26884 CVE-2024-26885 CVE-2024-26891 CVE-2024-26893 CVE-2024-26895 CVE-2024-26896 CVE-2024-26897 CVE-2024-26898 CVE-2024-26901 CVE-2024-26903 CVE-2024-26917 CVE-2024-26927 CVE-2024-26948 CVE-2024-26950 CVE-2024-26951 CVE-2024-26955 CVE-2024-26956 CVE-2024-26960 CVE-2024-26965 CVE-2024-26966 CVE-2024-26969 CVE-2024-26970 CVE-2024-26972 CVE-2024-26981 CVE-2024-26982 CVE-2024-26993 CVE-2024-27013 CVE-2024-27014 CVE-2024-27030 CVE-2024-27038 CVE-2024-27039 CVE-2024-27041 CVE-2024-27043 CVE-2024-27046 CVE-2024-27056 CVE-2024-27062 CVE-2024-27389 |
CWE-ID | CWE-119 CWE-476 CWE-667 CWE-399 CWE-362 CWE-125 CWE-371 CWE-401 CWE-665 CWE-416 CWE-20 CWE-388 CWE-121 CWE-200 CWE-193 CWE-284 CWE-190 CWE-617 CWE-415 CWE-835 CWE-908 CWE-366 CWE-191 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software |
SUSE Linux Enterprise Micro Operating systems & Components / Operating system SUSE Real Time Module Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system kernel-rt Operating systems & Components / Operating system package or component kernel-rt_debug Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt-extra Operating systems & Components / Operating system package or component ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-livepatch-devel Operating systems & Components / Operating system package or component kernel-rt_debug-vdso Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug-vdso-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_52-rt Operating systems & Components / Operating system package or component reiserfs-kmp-rt Operating systems & Components / Operating system package or component kselftests-kmp-rt Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-livepatch Operating systems & Components / Operating system package or component kernel-rt-optional-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component kernel-rt-vdso-debuginfo Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component kernel-rt-vdso Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component reiserfs-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-livepatch-devel Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component kselftests-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-extra-debuginfo Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 218 vulnerabilities.
EUVDB-ID: #VU93669
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47047
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the zynqmp_qspi_irq(), zynqmp_qspi_setuprxdma(), zynqmp_qspi_write_op(), zynqmp_qspi_exec_op() and zynqmp_qspi_probe() functions in drivers/spi/spi-zynqmp-gqspi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92071
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47181
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tusb_musb_init() function in drivers/usb/musb/tusb6010.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89395
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47182
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the scsi_mode_sense() function in drivers/scsi/scsi_lib.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90586
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47183
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_sli_issue_abort_iotag() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90587
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47184
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i40e_sync_filters_subtask() and i40e_vsi_release() functions in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91528
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47185
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the flush_to_ldisc() function in drivers/tty/tty_buffer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91527
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47187
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the arch/arm64/boot/dts/qcom/msm8998.dtsi. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93843
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47188
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ufshcd_abort() function in drivers/scsi/ufs/ufshcd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93380
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47189
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the run_ordered_work() and normal_work_helper() functions in fs/btrfs/async-thread.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90325
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47191
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the resp_readcap16() function in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89240
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47192
CWE-ID:
CWE-371 - State Issues
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error during iSCSI recovery within the store_state_field() function in drivers/scsi/scsi_sysfs.c. A local user can perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90008
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47193
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pm8001_init_ccb_tag(), pm8001_pci_remove() and remove() functions in drivers/scsi/pm8001/pm8001_init.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92392
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47194
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper initialization error within the cfg80211_change_iface() function in net/wireless/util.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90204
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47195
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the spi_unregister_controller() function in drivers/spi/spi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90203
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47196
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the create_qp() function in drivers/infiniband/core/verbs.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93057
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47197
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_debug_cq_remove() function in drivers/net/ethernet/mellanox/mlx5/core/debugfs.c, within the mlx5_core_destroy_cq() function in drivers/net/ethernet/mellanox/mlx5/core/cq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90208
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47198
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lpfc_mbx_cmpl_fc_reg_login() function in drivers/scsi/lpfc/lpfc_hbadisc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90476
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47199
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the parse_tc_nic_actions() and parse_tc_fdb_actions() functions in drivers/net/ethernet/mellanox/mlx5/core/en_tc.c, within the mlx5_tc_ct_match_add(), mlx5_tc_ct_parse_action() and __mlx5_tc_ct_flow_offload_clear() functions in drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90206
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47200
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drm_gem_prime_mmap() function in drivers/gpu/drm/drm_prime.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92971
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47201
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iavf_disable_vf() function in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90582
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47202
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the of_thermal_get_temp(), of_thermal_set_emul_temp(), of_thermal_get_trend() and of_thermal_set_trip_temp() functions in drivers/thermal/of-thermal.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93156
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47203
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the lpfc_drain_txq() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90205
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47204
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dpaa2_eth_remove() function in drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90007
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47205
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the DEFINE_SPINLOCK() and devm_sunxi_ccu_release() functions in drivers/clk/sunxi-ng/ccu_common.c, within the suniv_f1c100s_ccu_setup() function in drivers/clk/sunxi-ng/ccu-suniv-f1c100s.c, within the sun9i_a80_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun9i-a80.c, within the sun9i_a80_usb_clk_probe() function in drivers/clk/sunxi-ng/ccu-sun9i-a80-usb.c, within the sun9i_a80_de_clk_probe() function in drivers/clk/sunxi-ng/ccu-sun9i-a80-de.c, within the sun8i_v3_v3s_ccu_init() function in drivers/clk/sunxi-ng/ccu-sun8i-v3s.c, within the sun8i_r40_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun8i-r40.c, within the sunxi_h3_h5_ccu_init() function in drivers/clk/sunxi-ng/ccu-sun8i-h3.c, within the sunxi_de2_clk_probe() function in drivers/clk/sunxi-ng/ccu-sun8i-de2.c, within the sun8i_a83t_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun8i-a83t.c, within the sun8i_a33_ccu_setup() and ccu_pll_notifier_register() functions in drivers/clk/sunxi-ng/ccu-sun8i-a33.c, within the sun8i_a23_ccu_setup() function in drivers/clk/sunxi-ng/ccu-sun8i-a23.c, within the sun6i_a31_ccu_setup() function in drivers/clk/sunxi-ng/ccu-sun6i-a31.c, within the sun5i_ccu_init() function in drivers/clk/sunxi-ng/ccu-sun5i.c, within the sun50i_h616_ccu_setup() function in drivers/clk/sunxi-ng/ccu-sun50i-h616.c, within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c, within the sunxi_r_ccu_init() function in drivers/clk/sunxi-ng/ccu-sun50i-h6-r.c, within the sun50i_a64_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-a64.c, within the sun50i_a100_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-a100.c, within the sun50i_a100_r_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-a100-r.c, within the sun4i_ccu_init() and sunxi_ccu_probe() functions in drivers/clk/sunxi-ng/ccu-sun4i-a10.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92072
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47206
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ohci_hcd_tmio_drv_probe() function in drivers/usb/host/ohci-tmio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90583
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47207
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_gf1_dma_interrupt() function in sound/isa/gus/gus_dma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90207
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47209
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rq_of_rt_se() and rt_rq_of_se() functions in kernel/sched/rt.c, within the free_fair_sched_group() and unregister_fair_sched_group() functions in kernel/sched/fair.c, within the sched_free_group(), sched_online_group(), cpu_cgroup_css_released() and cpu_cgroup_css_free() functions in kernel/sched/core.c, within the autogroup_destroy() function in kernel/sched/autogroup.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93688
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47210
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tps6598x_block_read() function in drivers/usb/typec/tps6598x.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89394
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47211
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the snd_usb_set_sample_rate_v2v3() function in sound/usb/clock.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89241
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47212
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect error handling within the mlx5_internal_err_ret_value() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91649
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47214
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hugetlb_mcopy_atomic_pte() function in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93157
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47215
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the DECLARE_BITMAP(), resync_handle_seq_match(), mlx5e_ktls_add_rx() and mlx5e_ktls_rx_handle_resync_list() functions in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_rx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91648
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47216
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the asc_prt_adv_board_info() function in drivers/scsi/advansys.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90584
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47217
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the set_hv_tscchange_cb() function in arch/x86/hyperv/hv_init.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90585
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47218
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hashtab_compute_size() function in security/selinux/ss/hashtab.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90324
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47219
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the resp_report_tgtpgs() function in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92033
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48631
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __ext4_ext_check() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91299
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48632
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to stack overflow within the mlxbf_i2c_smbus_start_transaction() function in drivers/i2c/busses/i2c-mlxbf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91451
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48634
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gma_crtc_page_flip() function in drivers/gpu/drm/gma500/gma_display.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92987
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48636
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dasd_alias_remove_device() and dasd_alias_get_start_dev() functions in drivers/s390/block/dasd_alias.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90189
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48637
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bnxt_tx_int() function in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93687
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48638
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cgroup_get_from_id() function in kernel/cgroup/cgroup.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91361
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48639
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the net/sched/cls_api.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91238
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48640
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bond_open() and bond_init() functions in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89996
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48642
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nf_tables_addchain() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91452
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48644
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the taprio_enable_offload() and taprio_disable_offload() functions in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90565
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48646
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efx_siena_hard_start_xmit() function in drivers/net/ethernet/sfc/siena/tx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90564
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48647
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efx_probe_interrupts() function in drivers/net/ethernet/sfc/efx_channels.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90566
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48648
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efx_hard_start_xmit() function in drivers/net/ethernet/sfc/tx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89997
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48650
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __qlt_24xx_handle_abts() function in drivers/scsi/qla2xxx/qla_target.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89680
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-48651
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in drivers/net/ipvlan/ipvlan_core.c. A remote attacker on the local network can send specially crafted packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93379
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48652
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the ice_set_dflt_vsi_ctx(), ice_vsi_setup_q_map(), ice_vsi_setup_q_map_mqprio() and ice_vsi_cfg_tc() functions in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92032
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48653
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ice_schedule_reset() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91645
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48654
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to memory leak within the nf_osf_find() function in net/netfilter/nfnetlink_osf.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91400
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48655
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds read error within the scmi_domain_reset() function in drivers/firmware/arm_scmi/reset.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91362
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48656
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to information disclosure within the of_xudma_dev_get() function in drivers/dma/ti/k3-udma-private.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91438
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48657
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to memory corruption within the validate_cpu_freq_invariance_counters() function in arch/arm64/kernel/topology.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93199
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48658
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to resource management error within the stat(), flush_all_cpus_locked() and kmem_cache_init() functions in mm/slub.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93399
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48659
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the create_unique_id() and sysfs_slab_add() functions in mm/slub.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93198
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48660
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the lineevent_create() function in drivers/gpio/gpiolib-cdev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93197
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48662
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to resource management error within the i915_gem_context_release() and context_close() functions in drivers/gpu/drm/i915/gem/i915_gem_context.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90567
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48663
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gpio_mockup_init() function in drivers/gpio/gpio-mockup.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93644
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48667
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt data.
The vulnerability exists due to improper management of internal resources within the smb3_insert_range() function in fs/cifs/smb2ops.c. A local user can corrupt data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93645
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48668
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt data.
The vulnerability exists due to improper management of internal resources within the smb3_collapse_range() function in fs/cifs/smb2ops.c. A local user can corrupt data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90763
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48671
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cgroup_attach_task_all() function in kernel/cgroup/cgroup-v1.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91174
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48672
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an off-by-one error within the unflatten_dt_nodes() function in drivers/of/fdt.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92028
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48673
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smc_wr_rx_process_cqes(), smc_wr_free_link() and smc_wr_create_link() functions in net/smc/smc_wr.c, within the smcr_link_init() function in net/smc/smc_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90762
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48675
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mmput_async() function in kernel/fork.c, within the mutex_unlock() function in drivers/infiniband/core/umem_odp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90175
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48686
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_tcp_io_work() function in drivers/nvme/host/tcp.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90314
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48687
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to an out-of-bounds read error within the seg6_genl_sethmac() function in net/ipv6/seg6.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90515
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48688
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i40e_notify_client_of_netdev_close() and i40e_client_subtask() functions in drivers/net/ethernet/intel/i40e/i40e_client.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo: before 1-150500.11.5.1
kernel-rt-devel: before 5.14.21-150500.13.52.1
kernel-syms-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-optional: before 5.14.21-150500.13.52.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-devel: before 5.14.21-150500.13.52.1
ocfs2-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.52.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.52.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource: before 1-150500.11.5.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.52.1
gfs2-kmp-rt: before 5.14.21-150500.13.52.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-livepatch-5_14_21-150500_13_52-rt: before 1-150500.11.5.1
reiserfs-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt: before 5.14.21-150500.13.52.1
dlm-kmp-rt: before 5.14.21-150500.13.52.1
kernel-rt-livepatch: before 5.14.21-150500.13.52.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debugsource: before 5.14.21-150500.13.52.1
kernel-rt-vdso: before 5.14.21-150500.13.52.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-debuginfo: before 5.14.21-150500.13.52.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.52.1
cluster-md-kmp-rt: before 5.14.21-150500.13.52.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.52.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.52.1
kernel-source-rt: before 5.14.21-150500.13.52.1
kernel-devel-rt: before 5.14.21-150500.13.52.1
CPE2.3http://www.suse.com/support/update/announcement/2024/suse-su-20241663-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91642
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48690
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ice_qp_dis(), ice_xsk_pool_enable() and ice_xsk_pool_setup() functions in drivers/net/ethernet/intel/ice/ice_xsk.c, within the ice_xdp_setup_prog() function in drivers/net/ethernet/intel/ice/ice_main.c, within the ice_alloc_rx_buf_zc() and ice_vsi_cfg_rxq() functions in drivers/net/ethernet/intel/ice/ice_base.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enter