SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 185
CVE-ID CVE-2020-36788
CVE-2021-3743
CVE-2021-39698
CVE-2021-43056
CVE-2021-47104
CVE-2021-47192
CVE-2021-47200
CVE-2021-47220
CVE-2021-47227
CVE-2021-47228
CVE-2021-47229
CVE-2021-47230
CVE-2021-47231
CVE-2021-47235
CVE-2021-47236
CVE-2021-47237
CVE-2021-47239
CVE-2021-47240
CVE-2021-47241
CVE-2021-47246
CVE-2021-47252
CVE-2021-47253
CVE-2021-47254
CVE-2021-47255
CVE-2021-47258
CVE-2021-47259
CVE-2021-47260
CVE-2021-47261
CVE-2021-47263
CVE-2021-47265
CVE-2021-47267
CVE-2021-47269
CVE-2021-47270
CVE-2021-47274
CVE-2021-47275
CVE-2021-47276
CVE-2021-47280
CVE-2021-47281
CVE-2021-47284
CVE-2021-47288
CVE-2021-47289
CVE-2021-47296
CVE-2021-47301
CVE-2021-47302
CVE-2021-47305
CVE-2021-47307
CVE-2021-47308
CVE-2021-47314
CVE-2021-47315
CVE-2021-47320
CVE-2021-47321
CVE-2021-47323
CVE-2021-47324
CVE-2021-47329
CVE-2021-47330
CVE-2021-47332
CVE-2021-47333
CVE-2021-47334
CVE-2021-47337
CVE-2021-47338
CVE-2021-47340
CVE-2021-47341
CVE-2021-47343
CVE-2021-47344
CVE-2021-47347
CVE-2021-47348
CVE-2021-47350
CVE-2021-47353
CVE-2021-47354
CVE-2021-47356
CVE-2021-47369
CVE-2021-47375
CVE-2021-47378
CVE-2021-47381
CVE-2021-47382
CVE-2021-47383
CVE-2021-47387
CVE-2021-47388
CVE-2021-47391
CVE-2021-47392
CVE-2021-47393
CVE-2021-47395
CVE-2021-47396
CVE-2021-47399
CVE-2021-47402
CVE-2021-47404
CVE-2021-47405
CVE-2021-47409
CVE-2021-47413
CVE-2021-47416
CVE-2021-47422
CVE-2021-47423
CVE-2021-47424
CVE-2021-47425
CVE-2021-47426
CVE-2021-47428
CVE-2021-47431
CVE-2021-47434
CVE-2021-47435
CVE-2021-47436
CVE-2021-47441
CVE-2021-47442
CVE-2021-47443
CVE-2021-47444
CVE-2021-47445
CVE-2021-47451
CVE-2021-47456
CVE-2021-47458
CVE-2021-47460
CVE-2021-47464
CVE-2021-47465
CVE-2021-47468
CVE-2021-47473
CVE-2021-47478
CVE-2021-47480
CVE-2021-47482
CVE-2021-47483
CVE-2021-47485
CVE-2021-47493
CVE-2021-47494
CVE-2021-47495
CVE-2021-47496
CVE-2021-47497
CVE-2021-47498
CVE-2021-47499
CVE-2021-47500
CVE-2021-47501
CVE-2021-47502
CVE-2021-47503
CVE-2021-47505
CVE-2021-47506
CVE-2021-47507
CVE-2021-47509
CVE-2021-47511
CVE-2021-47512
CVE-2021-47516
CVE-2021-47518
CVE-2021-47521
CVE-2021-47522
CVE-2021-47523
CVE-2021-47527
CVE-2021-47535
CVE-2021-47536
CVE-2021-47538
CVE-2021-47540
CVE-2021-47541
CVE-2021-47542
CVE-2021-47549
CVE-2021-47557
CVE-2021-47562
CVE-2021-47563
CVE-2021-47565
CVE-2022-1195
CVE-2022-20132
CVE-2022-48636
CVE-2022-48673
CVE-2022-48704
CVE-2022-48710
CVE-2023-0160
CVE-2023-1829
CVE-2023-2176
CVE-2023-4244
CVE-2023-47233
CVE-2023-52433
CVE-2023-52581
CVE-2023-52591
CVE-2023-52654
CVE-2023-52655
CVE-2023-52686
CVE-2023-52840
CVE-2023-52871
CVE-2023-52880
CVE-2023-6531
CVE-2024-26581
CVE-2024-26643
CVE-2024-26828
CVE-2024-26921
CVE-2024-26925
CVE-2024-26929
CVE-2024-26930
CVE-2024-27398
CVE-2024-27413
CVE-2024-35811
CVE-2024-35895
CVE-2024-35914
CWE-ID CWE-416
CWE-125
CWE-252
CWE-401
CWE-371
CWE-476
CWE-119
CWE-399
CWE-200
CWE-388
CWE-665
CWE-20
CWE-908
CWE-667
CWE-121
CWE-415
CWE-362
CWE-191
CWE-264
Exploitation vector Local network
Public exploit Public exploit code for vulnerability #160 is available.
Vulnerable software
SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro for Rancher
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15 SP3 LTSS
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing LTSS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Enterprise Storage
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

kernel-64kb
Operating systems & Components / Operating system package or component

dtb-allwinner
Operating systems & Components / Operating system package or component

dtb-lg
Operating systems & Components / Operating system package or component

dtb-al
Operating systems & Components / Operating system package or component

kernel-64kb-extra-debuginfo
Operating systems & Components / Operating system package or component

dtb-amlogic
Operating systems & Components / Operating system package or component

dtb-nvidia
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-extra
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-xilinx
Operating systems & Components / Operating system package or component

dtb-renesas
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-cavium
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dlm-kmp-64kb
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-zte
Operating systems & Components / Operating system package or component

dtb-broadcom
Operating systems & Components / Operating system package or component

dtb-altera
Operating systems & Components / Operating system package or component

dtb-mediatek
Operating systems & Components / Operating system package or component

dtb-marvell
Operating systems & Components / Operating system package or component

dtb-qcom
Operating systems & Components / Operating system package or component

dlm-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-amd
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-optional-debuginfo
Operating systems & Components / Operating system package or component

dtb-socionext
Operating systems & Components / Operating system package or component

dtb-exynos
Operating systems & Components / Operating system package or component

dtb-apm
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-optional
Operating systems & Components / Operating system package or component

dtb-freescale
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

dtb-arm
Operating systems & Components / Operating system package or component

dtb-hisilicon
Operating systems & Components / Operating system package or component

dtb-sprd
Operating systems & Components / Operating system package or component

dtb-rockchip
Operating systems & Components / Operating system package or component

dtb-aarch64
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-extra-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-preempt-devel
Operating systems & Components / Operating system package or component

kernel-preempt-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-devel-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-extra
Operating systems & Components / Operating system package or component

kernel-preempt-optional
Operating systems & Components / Operating system package or component

reiserfs-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-preempt
Operating systems & Components / Operating system package or component

gfs2-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-debugsource
Operating systems & Components / Operating system package or component

kselftests-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-preempt
Operating systems & Components / Operating system package or component

gfs2-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_164-preempt
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_164-default
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP3_Update_45-debugsource
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

kernel-obs-qa
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base-rebuild
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kselftests-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-optional-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

kselftests-kmp-default
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-default-optional
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-debugsource
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debugsource
Operating systems & Components / Operating system package or component

kernel-debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel-kvmsmall
Operating systems & Components / Operating system package or component

kernel-docs-html
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-source-vanilla
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 185 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU90085

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-36788

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nouveau_gem_new() function in drivers/gpu/drm/nouveau/nouveau_gem.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU63913

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-3743

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a boundary condition in the Qualcomm IPC router protocol in the Linux kernel. A local user can gain access to out-of-bounds memory to leak internal kernel information or perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU61097

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-39698

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in Linux kernel. A local user can run a specially crafted program to trigger the use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Unchecked Return Value

EUVDB-ID: #VU63921

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-43056

CWE-ID: CWE-252 - Unchecked Return Value

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation error when handling SRR1 register values. A local user can perform a denial of service attack, when the host is running on Power8.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory leak

EUVDB-ID: #VU90019

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47104

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the qib_user_sdma_queue_pkts() function in drivers/infiniband/hw/qib/qib_user_sdma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) State Issues

EUVDB-ID: #VU89240

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47192

CWE-ID: CWE-371 - State Issues

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an error during iSCSI recovery within the store_state_field() function in drivers/scsi/scsi_sysfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU90206

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47200

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_gem_prime_mmap() function in drivers/gpu/drm/drm_prime.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) NULL pointer dereference

EUVDB-ID: #VU90462

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47220

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dwc3_remove() function in drivers/usb/dwc3/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Buffer overflow

EUVDB-ID: #VU93146

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47227

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the __fpu__restore_sig() function in arch/x86/kernel/fpu/signal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Use-after-free

EUVDB-ID: #VU93348

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47228

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __ioremap_check_other() function in arch/x86/mm/ioremap.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Resource management error

EUVDB-ID: #VU93455

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47229

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the advk_pcie_wait_pio(), advk_pcie_rd_conf() and advk_pcie_wr_conf() functions in drivers/pci/host/pci-aardvark.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) NULL pointer dereference

EUVDB-ID: #VU90466

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47230

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the emulator_get_hflags() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Memory leak

EUVDB-ID: #VU89946

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47231

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mcba_usb_start() and mcba_usb_open() functions in drivers/net/can/usb/mcba_usb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU90089

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47235

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ec_bhf_remove() function in drivers/net/ethernet/ec_bhf.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Memory leak

EUVDB-ID: #VU91632

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47236

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the eem_tx_fixup() function in drivers/net/usb/cdc_eem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Memory leak

EUVDB-ID: #VU89947

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47237

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mkiss_close() function in drivers/net/hamradio/mkiss.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Memory leak

EUVDB-ID: #VU89949

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47239

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the smsc75xx_bind() and smsc75xx_unbind() functions in drivers/net/usb/smsc75xx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Out-of-bounds read

EUVDB-ID: #VU90290

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47240

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the qrtr_endpoint_post() function in net/qrtr/qrtr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Buffer overflow

EUVDB-ID: #VU93239

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47241

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the strset_reply_size() function in net/ethtool/strset.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Information disclosure

EUVDB-ID: #VU91342

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47246

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the mlx5_hairpin_unpair_peer_sq(), mlx5_hairpin_unpair_queues() and mlx5_core_hairpin_destroy() functions in drivers/net/ethernet/mellanox/mlx5/core/transobj.c, within the mlx5e_tc_hairpin_update_dead_peer() function in drivers/net/ethernet/mellanox/mlx5/core/en_tc.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Resource management error

EUVDB-ID: #VU93253

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47252

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the batadv_iv_ogm_emit() function in net/batman-adv/bat_iv_ogm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Memory leak

EUVDB-ID: #VU89952

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47253

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the dm_dmub_hw_init() and dm_suspend() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use-after-free

EUVDB-ID: #VU90086

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47254

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __acquires() and gfs2_scan_glock_lru() functions in fs/gfs2/glock.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Information disclosure

EUVDB-ID: #VU91341

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47255

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the kvm_lapic_reg_read() function in arch/x86/kvm/lapic.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Improper error handling

EUVDB-ID: #VU90937

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47258

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the scsi_host_alloc() function in drivers/scsi/hosts.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use-after-free

EUVDB-ID: #VU90092

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47259

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nfs4_init_client() function in fs/nfs/nfs4client.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242185-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) NULL pointer dereference

EUVDB-ID: #VU91230

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47260

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nfs_get_client() function in fs/nfs/client.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.164.1

dtb-allwinner: before 5.3.18-150300.59.164.1

dtb-lg: before 5.3.18-150300.59.164.1

dtb-al: before 5.3.18-150300.59.164.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.164.1

dtb-amlogic: before 5.3.18-150300.59.164.1

dtb-nvidia: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-extra: before 5.3.18-150300.59.164.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-xilinx: before 5.3.18-150300.59.164.1

dtb-renesas: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-cavium: before 5.3.18-150300.59.164.1

kernel-64kb-devel: before 5.3.18-150300.59.164.1

gfs2-kmp-64kb: before 5.3.18-150300.59.164.1

dlm-kmp-64kb: before 5.3.18-150300.59.164.1

kselftests-kmp-64kb: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-zte: before 5.3.18-150300.59.164.1

dtb-broadcom: before 5.3.18-150300.59.164.1

dtb-altera: before 5.3.18-150300.59.164.1

dtb-mediatek: before 5.3.18-150300.59.164.1

dtb-marvell: before 5.3.18-150300.59.164.1

dtb-qcom: before 5.3.18-150300.59.164.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

dtb-amd: before 5.3.18-150300.59.164.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.164.1

dtb-socionext: before 5.3.18-150300.59.164.1

dtb-exynos: before 5.3.18-150300.59.164.1

dtb-apm: before 5.3.18-150300.59.164.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.164.1

kernel-64kb-optional: before 5.3.18-150300.59.164.1

dtb-freescale: before 5.3.18-150300.59.164.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.164.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-64kb-debugsource: before 5.3.18-150300.59.164.1

dtb-arm: before 5.3.18-150300.59.164.1

dtb-hisilicon: before 5.3.18-150300.59.164.1

dtb-sprd: before 5.3.18-150300.59.164.1

dtb-rockchip: before 5.3.18-150300.59.164.1

dtb-aarch64: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.164.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.164.1

kernel-zfcpdump: before 5.3.18-150300.59.164.1

kernel-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-preempt-devel: before 5.3.18-150300.59.164.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.164.1

dlm-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-extra: before 5.3.18-150300.59.164.1

kernel-preempt-optional: before 5.3.18-150300.59.164.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-preempt-debugsource: before 5.3.18-150300.59.164.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.164.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.164.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.164.1

kernel-livepatch-5_3_18-150300_59_164-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_164-default: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_45-debugsource: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.164.1

kernel-obs-qa: before 5.3.18-150300.59.164.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.164.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-base-rebuild: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel: before 5.3.18-150300.59.164.1

reiserfs-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.164.1

gfs2-kmp-default: before 5.3.18-150300.59.164.1

kselftests-kmp-default: before 5.3.18-150300.59.164.1

kernel-syms: before 5.3.18-150300.59.164.1

kernel-default-optional: before 5.3.18-150300.59.164.1

kernel-default-extra: before 5.3.18-150300.59.164.1

kernel-default-livepatch: before 5.3.18-150300.59.164.1

dlm-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-base: before 5.3.18-150300.59.164.1.150300.18.96.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.164.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

ocfs2-kmp-default: before 5.3.18-150300.59.164.1

cluster-md-kmp-default: before 5.3.18-150300.59.164.1

kernel-default-debugsource: before 5.3.18-150300.59.164.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-obs-build: before 5.3.18-150300.59.164.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.164.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debuginfo: before 5.3.18-150300.59.164.1

kernel-debug-debugsource: before 5.3.18-150300.59.164.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.164.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.164.1

kernel-debug-devel: before 5.3.18-150300.59.164.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.164.1

kernel-debug: before 5.3.18-150300.59.164.1

kernel-kvmsmall: before 5.3.18-150300.59.164.1

kernel-docs-html: before 5.3.18-150300.59.164.1

kernel-devel: before 5.3.18-150300.59.164.1

kernel-source-vanilla: before 5.3.18-150300.59.164.1

kernel-source: before 5.3.18-150300.59.164.1

kernel-macros: before 5.3.18-150300.59.164.1

kernel-docs: before 5.3.18-150300.59.164.1

CPE2.3