Risk | High |
Patch available | YES |
Number of vulnerabilities | 310 |
CVE-ID | CVE-2021-47086 CVE-2021-47103 CVE-2021-47186 CVE-2021-47402 CVE-2021-47546 CVE-2021-47547 CVE-2021-47588 CVE-2021-47590 CVE-2021-47591 CVE-2021-47593 CVE-2021-47598 CVE-2021-47599 CVE-2021-47606 CVE-2021-47622 CVE-2021-47623 CVE-2021-47624 CVE-2022-48713 CVE-2022-48730 CVE-2022-48732 CVE-2022-48749 CVE-2022-48756 CVE-2022-48773 CVE-2022-48774 CVE-2022-48775 CVE-2022-48776 CVE-2022-48777 CVE-2022-48778 CVE-2022-48780 CVE-2022-48783 CVE-2022-48784 CVE-2022-48785 CVE-2022-48786 CVE-2022-48787 CVE-2022-48788 CVE-2022-48789 CVE-2022-48790 CVE-2022-48791 CVE-2022-48792 CVE-2022-48793 CVE-2022-48794 CVE-2022-48796 CVE-2022-48797 CVE-2022-48798 CVE-2022-48799 CVE-2022-48800 CVE-2022-48801 CVE-2022-48802 CVE-2022-48803 CVE-2022-48804 CVE-2022-48805 CVE-2022-48806 CVE-2022-48807 CVE-2022-48809 CVE-2022-48810 CVE-2022-48811 CVE-2022-48812 CVE-2022-48813 CVE-2022-48814 CVE-2022-48815 CVE-2022-48816 CVE-2022-48817 CVE-2022-48818 CVE-2022-48820 CVE-2022-48821 CVE-2022-48822 CVE-2022-48823 CVE-2022-48824 CVE-2022-48825 CVE-2022-48826 CVE-2022-48827 CVE-2022-48828 CVE-2022-48829 CVE-2022-48830 CVE-2022-48831 CVE-2022-48834 CVE-2022-48835 CVE-2022-48836 CVE-2022-48837 CVE-2022-48838 CVE-2022-48839 CVE-2022-48840 CVE-2022-48841 CVE-2022-48842 CVE-2022-48843 CVE-2022-48844 CVE-2022-48846 CVE-2022-48847 CVE-2022-48849 CVE-2022-48850 CVE-2022-48851 CVE-2022-48852 CVE-2022-48853 CVE-2022-48855 CVE-2022-48856 CVE-2022-48857 CVE-2022-48858 CVE-2022-48859 CVE-2022-48860 CVE-2022-48861 CVE-2022-48862 CVE-2022-48863 CVE-2022-48864 CVE-2022-48866 CVE-2023-1582 CVE-2023-37453 CVE-2023-52435 CVE-2023-52573 CVE-2023-52580 CVE-2023-52591 CVE-2023-52735 CVE-2023-52751 CVE-2023-52762 CVE-2023-52775 CVE-2023-52812 CVE-2023-52857 CVE-2023-52863 CVE-2023-52885 CVE-2023-52886 CVE-2024-25741 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26615 CVE-2024-26633 CVE-2024-26635 CVE-2024-26636 CVE-2024-26641 CVE-2024-26661 CVE-2024-26663 CVE-2024-26665 CVE-2024-26800 CVE-2024-26802 CVE-2024-26813 CVE-2024-26814 CVE-2024-26863 CVE-2024-26889 CVE-2024-26920 CVE-2024-26935 CVE-2024-26961 CVE-2024-26976 CVE-2024-27015 CVE-2024-27019 CVE-2024-27020 CVE-2024-27025 CVE-2024-27065 CVE-2024-27402 CVE-2024-27437 CVE-2024-35805 CVE-2024-35819 CVE-2024-35837 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35889 CVE-2024-35890 CVE-2024-35893 CVE-2024-35899 CVE-2024-35934 CVE-2024-35949 CVE-2024-35961 CVE-2024-35979 CVE-2024-35995 CVE-2024-36000 CVE-2024-36004 CVE-2024-36288 CVE-2024-36889 CVE-2024-36901 CVE-2024-36902 CVE-2024-36909 CVE-2024-36910 CVE-2024-36911 CVE-2024-36912 CVE-2024-36913 CVE-2024-36914 CVE-2024-36919 CVE-2024-36923 CVE-2024-36924 CVE-2024-36926 CVE-2024-36939 CVE-2024-36941 CVE-2024-36942 CVE-2024-36944 CVE-2024-36946 CVE-2024-36947 CVE-2024-36950 CVE-2024-36952 CVE-2024-36955 CVE-2024-36959 CVE-2024-36974 CVE-2024-38548 CVE-2024-38555 CVE-2024-38558 CVE-2024-38559 CVE-2024-38570 CVE-2024-38586 CVE-2024-38588 CVE-2024-38598 CVE-2024-38628 CVE-2024-39276 CVE-2024-39371 CVE-2024-39463 CVE-2024-39472 CVE-2024-39475 CVE-2024-39482 CVE-2024-39487 CVE-2024-39488 CVE-2024-39490 CVE-2024-39493 CVE-2024-39494 CVE-2024-39497 CVE-2024-39499 CVE-2024-39500 CVE-2024-39501 CVE-2024-39502 CVE-2024-39505 CVE-2024-39506 CVE-2024-39507 CVE-2024-39508 CVE-2024-39509 CVE-2024-40900 CVE-2024-40901 CVE-2024-40902 CVE-2024-40903 CVE-2024-40904 CVE-2024-40906 CVE-2024-40908 CVE-2024-40909 CVE-2024-40911 CVE-2024-40912 CVE-2024-40916 CVE-2024-40919 CVE-2024-40923 CVE-2024-40924 CVE-2024-40927 CVE-2024-40929 CVE-2024-40931 CVE-2024-40932 CVE-2024-40934 CVE-2024-40935 CVE-2024-40937 CVE-2024-40940 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40953 CVE-2024-40954 CVE-2024-40956 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40966 CVE-2024-40967 CVE-2024-40970 CVE-2024-40972 CVE-2024-40976 CVE-2024-40977 CVE-2024-40981 CVE-2024-40982 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40989 CVE-2024-40990 CVE-2024-40994 CVE-2024-40998 CVE-2024-40999 CVE-2024-41002 CVE-2024-41004 CVE-2024-41006 CVE-2024-41009 CVE-2024-41011 CVE-2024-41012 CVE-2024-41013 CVE-2024-41014 CVE-2024-41015 CVE-2024-41016 CVE-2024-41017 CVE-2024-41040 CVE-2024-41041 CVE-2024-41044 CVE-2024-41048 CVE-2024-41057 CVE-2024-41058 CVE-2024-41059 CVE-2024-41063 CVE-2024-41064 CVE-2024-41066 CVE-2024-41069 CVE-2024-41070 CVE-2024-41071 CVE-2024-41072 CVE-2024-41076 CVE-2024-41078 CVE-2024-41081 CVE-2024-41087 CVE-2024-41090 CVE-2024-41091 CVE-2024-42070 CVE-2024-42079 CVE-2024-42093 CVE-2024-42096 CVE-2024-42105 CVE-2024-42122 CVE-2024-42124 CVE-2024-42145 CVE-2024-42161 CVE-2024-42224 CVE-2024-42230 |
CWE-ID | CWE-371 CWE-416 CWE-476 CWE-401 CWE-125 CWE-191 CWE-667 CWE-415 CWE-399 CWE-193 CWE-388 CWE-835 CWE-119 CWE-20 CWE-682 CWE-190 CWE-908 CWE-362 CWE-617 CWE-824 CWE-200 CWE-366 CWE-369 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
openSUSE Leap Micro Operating systems & Components / Operating system SUSE Linux Enterprise Micro Operating systems & Components / Operating system SUSE Real Time Module Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system kernel-rt Operating systems & Components / Operating system package or component kernel-rt_debug Operating systems & Components / Operating system package or component kernel-rt-vdso Operating systems & Components / Operating system package or component kernel-rt-extra-debuginfo Operating systems & Components / Operating system package or component kselftests-kmp-rt Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_64-rt Operating systems & Components / Operating system package or component kernel-rt-extra Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component kernel-rt-vdso-debuginfo Operating systems & Components / Operating system package or component kernel-rt-livepatch-devel Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component kernel-rt-optional Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-vdso-debuginfo Operating systems & Components / Operating system package or component reiserfs-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-vdso Operating systems & Components / Operating system package or component kernel-rt_debug-livepatch-devel Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component kselftests-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component reiserfs-kmp-rt Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-livepatch Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 310 vulnerabilities.
EUVDB-ID: #VU89260
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47086
CWE-ID:
CWE-371 - State Issues
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect handling of the socket state within the pep_ioctl() function in net/phonet/pep.c. A local user can perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90232
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47103
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a use-after-free error within the inet6_sk_rx_dst_set(), tcp_v6_do_rcv() and tcp_v6_early_demux() functions in net/ipv6/tcp_ipv6.c, within the udp_sk_rx_dst_set(), __udp4_lib_rcv() and udp_v4_early_demux() functions in net/ipv4/udp.c, within the tcp_v4_do_rcv(), tcp_v4_early_demux(), tcp_prequeue() and inet_sk_rx_dst_set() functions in net/ipv4/tcp_ipv4.c, within the tcp_rcv_established() function in net/ipv4/tcp_input.c, within the tcp_disconnect() function in net/ipv4/tcp.c, within the inet_sock_destruct() function in net/ipv4/af_inet.c. A local user can send specially crafted packets to the system, trigger a use-after-free error and potentially execute arbitrary code.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90581
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47186
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tipc_aead_init() function in net/tipc/crypto.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90142
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47402
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fl_walk() function in net/sched/cls_flower.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89931
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47546
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within fib6_rule_suppress() function in net/ipv4/fib_rules.c. A remote attacker can send IPv6 packets to the system, trigger memory leak and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91080
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47547
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mii_get_phy() function in drivers/net/ethernet/dec/tulip/de4x5.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92374
Risk: Low
CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47588
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the sit_init_net() function in net/ipv6/sit.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92354
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47590
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __mptcp_push_pending() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92333
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47591
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mptcp_supported_sockopt() function in net/mptcp/sockopt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92335
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47593
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mptcp_accept() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92302
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47598
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cake_init() function in net/sched/sch_cake.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93763
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47599
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the btrfs_unfreeze() function in fs/btrfs/super.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92356
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47606
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the netlink_sendmsg() function in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94457
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47622
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the EXPORT_SYMBOL_GPL(), ufshcd_hba_capabilities(), ufshcd_wait_for_dev_cmd(), ufshcd_exec_dev_cmd(), ufshcd_issue_devman_upiu_cmd() and ufshcd_init() functions in drivers/scsi/ufs/ufshcd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94487
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47623
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the set_pte_at() function in arch/powerpc/mm/pgtable.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94401
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47624
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rpc_sysfs_xprt_state_change() function in net/sunrpc/sysfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92920
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48713
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pt_handle_status() function in arch/x86/events/intel/pt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92882
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48730
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dma_heap_ioctl() function in drivers/dma-buf/dma-heap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92927
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48732
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the nvbios_addr() function in drivers/gpu/drm/nouveau/nvkm/subdev/bios/base.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92912
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48749
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpu_setup_dspp_pcc() function in drivers/gpu/drm/msm/disp/dpu1/dpu_hw_dspp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92915
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48756
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_dsi_phy_driver_unregister() function in drivers/gpu/drm/msm/dsi/phy/dsi_phy.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94439
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48773
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rpcrdma_ep_create() function in net/sunrpc/xprtrdma/verbs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94409
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48774
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pt_core_init() function in drivers/dma/ptdma/ptdma-dev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94408
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48775
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vmbus_add_channel_kobj() function in drivers/hv/vmbus_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94491
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48776
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the parse_qcomsmem_cleanup() function in drivers/mtd/parsers/qcomsmempart.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94459
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48777
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the parse_qcomsmem_part() function in drivers/mtd/parsers/qcomsmempart.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94407
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48778
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gpmi_nfc_exec_op() and pm_runtime_mark_last_busy() functions in drivers/mtd/nand/raw/gpmi-nand/gpmi-nand.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94470
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48780
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the smc_fback_error_report() and smc_switch_to_fallback() functions in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94426
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48783
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gswip_remove() function in drivers/net/dsa/lantiq_gswip.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94449
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48784
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cfg80211_event_work() function in net/wireless/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94456
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48785
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mld_newpack() function in net/ipv6/mcast.c, within the EXPORT_SYMBOL() function in net/ipv6/addrconf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94455
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48786
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vsock_stream_connect() function in net/vmw_vsock/af_vsock.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94425
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48787
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iwl_req_fw_callback() function in drivers/net/wireless/intel/iwlwifi/iwl-drv.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94424
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48788
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_rdma_error_recovery_work() function in drivers/nvme/host/rdma.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94423
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48789
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_tcp_error_recovery_work() function in drivers/nvme/host/tcp.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94422
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48790
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_async_event_work() function in drivers/nvme/host/core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94421
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48791
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pm8001_exec_internal_tmf_task() function in drivers/scsi/pm8001/pm8001_sas.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94420
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48792
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mpi_ssp_completion() and mpi_sata_completion() functions in drivers/scsi/pm8001/pm80xx_hwi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94441
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48793
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the svm_set_nested_state() function in arch/x86/kvm/svm/nested.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94406
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48794
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the at86rf230_async_error_recover_complete() and at86rf230_async_error_recover() functions in drivers/net/ieee802154/at86rf230.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94419
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48796
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dev_iommu_get() function in drivers/iommu/iommu.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94477
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48797
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the change_pte_range() function in mm/mprotect.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94490
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48798
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the io_subchannel_chp_event() function in drivers/s390/cio/device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94478
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48799
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the DEFINE_PER_CPU() and perf_cgroup_switch() functions in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94454
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48800
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the reclaim_throttle() function in mm/vmscan.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94416
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48801
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iio_device_buffer_getfd() function in drivers/iio/industrialio-buffer.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94460
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48802
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the smaps_page_accumulate(), smaps_account(), smaps_pte_entry(), smaps_pmd_entry(), pte_to_pagemap_entry() and pagemap_pmd_range() functions in fs/proc/task_mmu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94430
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48803
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drivers/phy/ti/phy-j721e-wiz.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94431
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48804
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vt_ioctl() function in drivers/tty/vt/vt_ioctl.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94432
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48805
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ax88179_rx_fixup() function in drivers/net/usb/ax88179_178a.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94467
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48806
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ee1004_eeprom_read() function in drivers/misc/eeprom/ee1004.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94433
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48807
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ice_lag_unlink() and ice_lag_event_handler() functions in drivers/net/ethernet/intel/ice/ice_lag.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94405
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48809
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the include/net/dst_metadata.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94453
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48810
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ip6mr_rules_init() function in net/ipv6/ip6mr.c, within the ipmr_rules_init() function in net/ipv4/ipmr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94444
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48811
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_crq_queue(), __ibmvnic_open() and ibmvnic_open() functions in drivers/net/ethernet/ibm/ibmvnic.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94476
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48812
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the gswip_mdio_rd(), gswip_mdio(), gswip_mdio_mask() and gswip_remove() functions in drivers/net/dsa/lantiq_gswip.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94475
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48813
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vsc9959_mdio_bus_alloc() and vsc9959_mdio_bus_free() functions in drivers/net/dsa/ocelot/felix_vsc9959.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94474
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48814
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vsc9953_mdio_bus_alloc() and vsc9953_mdio_bus_free() functions in drivers/net/dsa/ocelot/seville_vsc9953.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94471
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48815
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bcm_sf2_mdio_register() function in drivers/net/dsa/bcm_sf2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94452
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48816
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xs_get_srcport() function in net/sunrpc/xprtsock.c, within the rpc_sysfs_xprt_srcaddr_show() function in net/sunrpc/sysfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94473
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48817
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ar9331_sw_mbus_init() and ar9331_sw_remove() functions in drivers/net/dsa/qca/ar9331.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94461
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48818
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mv88e6xxx_mdio_register() and mv88e6xxx_mdios_unregister() functions in drivers/net/dsa/mv88e6xxx/chip.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94404
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48820
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the stm32_usbphyc_pll_enable() function in drivers/phy/st/phy-stm32-usbphyc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94417
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48821
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fastrpc_dmabuf_alloc() function in drivers/misc/fastrpc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94403
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48822
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ffs_data_put(), ffs_data_new(), ffs_epfiles_destroy() and ffs_func_eps_disable() functions in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94488
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48823
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the qedf_initiate_cleanup() function in drivers/scsi/qedf/qedf_io.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94445
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48824
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the myrs_cleanup() function in drivers/scsi/myrs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94485
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48825
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qedf_vport_create() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94451
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48826
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vc4_dsi_host_attach() and vc4_dsi_dev_remove() functions in drivers/gpu/drm/vc4/vc4_dsi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94479
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48827
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nfsd4_encode_read() and nfsd4_encode_read_plus() functions in fs/nfsd/nfs4xdr.c, within the nfsd4_read() function in fs/nfsd/nfs4proc.c, within the nfsd3_proc_read() function in fs/nfsd/nfs3proc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94466
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48828
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nfsd_setattr() function in fs/nfsd/vfs.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94492
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48829
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the svcxdr_decode_sattr3() function in fs/nfsd/nfs3xdr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94450
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48830
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the LIST_HEAD(), isotp_rcv() and isotp_init() functions in net/can/isotp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94402
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48831
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the asymmetric_verify() function in security/integrity/digsig_asymmetric.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94481
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48834
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the usbtmc_ioctl_request() function in drivers/usb/class/usbtmc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94448
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48835
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mpt3sas_base_sync_reply_irqs() function in drivers/scsi/mpt3sas/mpt3sas_base.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94447
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48836
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the aiptek_probe() function in drivers/input/tablet/aiptek.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94465
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48837
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the rndis_set_response() function in drivers/usb/gadget/function/rndis.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94415
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48838
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb_gadget_remove_driver(), udc_bind_to_driver() and dev_err() functions in drivers/usb/gadget/udc/core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94392
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48839
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tpacket_rcv() and packet_recvmsg() functions in net/packet/af_packet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94463
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48840
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the iavf_remove() function in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94435
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48841
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_update_vsi_tx_ring_stats() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94446
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48842
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ice_service_task() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94436
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48843
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL() function in drivers/gpu/drm/drm_connector.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94400
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48844
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hci_release_dev() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94399
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48846
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the blk_cleanup_queue() function in block/blk-core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94428
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48847
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the watch_queue_set_filter() function in kernel/watch_queue.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94484
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48849
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_display_framebuffer_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_display.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94437
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48850
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the speed_show() function in net/core/net-sysfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94414
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48851
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tx_complete() function in drivers/staging/gdm724x/gdm_lte.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94398
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48852
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vc4_hdmi_audio_init() and vc4_hdmi_unbind() functions in drivers/gpu/drm/vc4/vc4_hdmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94397
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48853
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the Documentation/DMA-attributes.txt, include/linux/dma-mapping.h, lib/swiotlb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94464
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48855
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the inet_diag_msg_sctpasoc_fill() and inet_sctp_diag_fill() functions in net/sctp/sctp_diag.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94396
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48856
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gfar_get_ts_info() function in drivers/net/ethernet/freescale/gianfar_ethtool.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94412
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48857
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfc_digital_free_device() function in drivers/nfc/port100.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94411
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48858
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cmd_alloc_index() and cmd_ent_get() functions in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94395
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48859
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the prestera_switch_set_base_mac_addr() function in drivers/net/ethernet/marvell/prestera/prestera_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94394
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48860
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xemaclite_of_probe() function in drivers/net/ethernet/xilinx/xilinx_emaclite.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94410
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48861
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vp_vdpa_remove() function in drivers/vdpa/virtio_pci/vp_vdpa.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94469
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48862
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the vhost_chr_write_iter() function in drivers/vhost/vhost.c, within the vhost_iotlb_add_range_ctx() function in drivers/vhost/iotlb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94393
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48863
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dsp_pipeline_destroy() and dsp_pipeline_build() functions in drivers/isdn/mISDN/dsp_pipeline.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94458
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48864
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the handle_ctrl_mq() function in drivers/vdpa/mlx5/net/mlx5_vnet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94429
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48866
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the thrustmaster_interrupts() function in drivers/hid/hid-thrustmaster.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU74629
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1582
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within fs/proc/task_mmu.c. A local user can exploit the race and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU80795
Risk: Low
CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-37453
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows an attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the read_descriptors() function in drivers/usb/core/sysfs.c. An attacker with physical access to the system can attach a malicious USB device, trigger an out-of-bounds read error and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU87748
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52435
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the skb_segment() function. A local user can trigger memory corruption and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90842
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52573
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rds_rdma_cm_event_handler_cmn() function in net/rds/rdma_transport.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89383
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52580
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion in net/core/flow_dissector.c. A remote attacker on the local network can send specially crafted PTP ethernet frames to the system and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91538
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52591
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the reiserfs_rename() function in fs/reiserfs/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91621
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52735
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sock_map_unhash(), sock_map_destroy() and sock_map_close() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90063
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52751
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the find_or_create_cached_dir(), spin_unlock() and open_cached_dir() functions in fs/smb/client/cached_dir.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93622
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52762
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the virtblk_probe() function in drivers/block/virtio_blk.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93425
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52775
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the smcr_clnt_conf_first_link() function in net/smc/af_smc.c when handling SMC DECLINE messages. A remote attacker can send specially crafted SMC DECLINE message to the system, trigger memory corruption and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91085
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52812
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the smu_v13_0_update_pcie_parameters() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91178
Risk: Low
CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52857
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the mtk_plane_update_new_state() function in drivers/gpu/drm/mediatek/mtk_drm_plane.c, within the mtk_drm_gem_dumb_create() function in drivers/gpu/drm/mediatek/mtk_drm_gem.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90426
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52863
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the axi_fan_control_probe() function in drivers/hwmon/axi-fan-control.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94326
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52885
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svc_tcp_listen_data_ready() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94434
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52886
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_bMaxPacketSize0(), hub_port_init(), hub_port_connect() and usb_reset_and_verify_device() functions in drivers/usb/core/hub.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94364
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-25741
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the printer_write() in drivers/usb/gadget/function/f_printer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU87596
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26583
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition between async notify and socket close in TLS implementation in net/tls/tls_sw.c. A remote attacker can send specially crafted traffic to the system, trigger a race condition and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89001
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26584
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when handling backlogging of crypto requests in net/tls/tls_sw.c. A remote attacker can send specially crafted traffic to the system and perform a denial of service attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89251
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26585
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the tls_encrypt_done() function in net/tls/tls_sw.c. A remote attacker user can send specially crafted requests to the system and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90627
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26615
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __smc_diag_dump() function in net/smc/smc_diag.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89267
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26633
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in NEXTHDR_FRAGMENT handling within the ip6_tnl_parse_tlv_enc_lim() function in net/ipv6/ip6_tunnel.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90880
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26635
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the cpu_to_be16() function in net/llc/llc_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90859
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26636
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the llc_ui_sendmsg() function in net/llc/af_llc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89396
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26641
CWE-ID:
CWE-824 - Access of Uninitialized Pointer
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to access to uninitialized data within the __ip6_tnl_rcv() function in net/ipv6/ip6_tunnel.c. A remote attacker can send specially crafted data to the system and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93260
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26661
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dcn21_set_abm_immediate_disable() function in drivers/gpu/drm/amd/display/dc/dcn21/dcn21_hwseq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92073
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26663
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tipc_nl_bearer_add() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90336
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26665
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iptunnel_pmtud_build_icmpv6() function in net/ipv4/ip_tunnel_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90210
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26800
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the struct_group(), tls_do_decryption() and tls_decrypt_sg() functions in net/tls/tls_sw.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90589
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26802
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the stmmac_fpe_stop_wq() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90588
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26813
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vfio_platform_set_irq_unmask(), vfio_automasked_irq_handler(), vfio_irq_handler(), vfio_set_trigger(), vfio_platform_set_irq_trigger(), vfio_platform_set_irqs_ioctl(), vfio_platform_irq_init() and vfio_platform_irq_cleanup() functions in drivers/vfio/platform/vfio_platform_irq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92058
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26814
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the vfio_fsl_mc_set_irq_trigger() function in drivers/vfio/fsl-mc/vfio_fsl_mc_intr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90877
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26863
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the hsr_get_node() function in net/hsr/hsr_framereg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91312
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26889
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the hci_get_dev_info() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93805
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26920
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the register_snapshot_trigger() function in kernel/trace/trace_events_trigger.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91358
Risk: Low
CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26935
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the scsi_host_dev_release() function in drivers/scsi/hosts.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90186
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26961
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mac802154_llsec_key_del_rcu() function in net/mac802154/llsec.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90774
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26976
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the async_pf_execute(), kvm_clear_async_pf_completion_queue(), kvm_check_async_pf_completion() and kvm_setup_async_pf() functions in virt/kvm/async_pf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94132
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27015
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nf_flow_tuple_encap() function in net/netfilter/nf_flow_table_ip.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91431
Risk: Low
CVSSv3.1: 4.1 [AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27019
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a data race within the __nft_obj_type_get() and nft_obj_type_get() functions in net/netfilter/nf_tables_api.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91432
Risk: Low
CVSSv3.1: 6.1 [AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27020
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a data race within the __nft_expr_type_get() and nft_expr_type_get() functions in net/netfilter/nf_tables_api.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93453
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27025
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nbd_genl_status() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94105
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27065
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the nf_tables_updtable() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92026
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27402
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pep_sock_enable() and pep_ioctl() functions in net/phonet/pep.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93202
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27437
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vfio_intx_set_signal() function in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91519
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35805
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dm_exception_table_exit() function in drivers/md/dm-snap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91448
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35819
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qman_create_portal(), qm_congestion_task(), qman_create_cgr(), qman_delete_cgr() and qman_update_cgr() functions in drivers/soc/fsl/qbman/qman.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93435
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35837
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mvpp2_bm_pool_cleanup() and mvpp2_bm_init() functions in drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89984
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35853
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlxsw_sp_acl_tcam_vchunk_migrate_start() and mlxsw_sp_acl_tcam_vregion_migrate() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90162
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35854
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_vregion_rehash() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90163
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35855
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_ventry_activity_get() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93427
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35889
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the idpf_rx_process_skb_fields() function in drivers/net/ethernet/intel/idpf/idpf_txrx.c when handling unknown packet types. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93651
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35890
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the skb_gro_receive_list() and skb_gro_receive() functions in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93609
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35893
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tcf_skbmod_dump() function in net/sched/act_skbmod.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90160
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35899
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_tables_module_exit() function in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92020
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35934
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smc_pnet_create_pnetids_list() function in net/smc/smc_pnet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91391
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35949
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __btrfs_check_leaf() and __btrfs_check_node() functions in fs/btrfs/tree-checker.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92019
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35961
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5_sf_dev_remove() function in drivers/net/ethernet/mellanox/mlx5/core/sf/dev/driver.c, within the mlx5_init_one_devl_locked(), mlx5_init_one(), mlx5_uninit_one(), mlx5_init_one_light(), mlx5_uninit_one_light(), probe_one() and remove_one() functions in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90144
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35979
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the raid1_write_request() function in drivers/md/raid1.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92955
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35995
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the show_cppc_data(), acpi_cppc_processor_probe(), cpc_read() and cpc_write() functions in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90907
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36000
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the alloc_huge_page() function in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93281
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36004
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the i40e_init_module() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93062
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36288
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the gss_read_proxy_verf() function in net/sunrpc/auth_gss/svcauth_gss.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90975
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36889
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91224
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36901
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ip6_output() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91222
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36902
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __fib6_rule_action() function in net/ipv6/fib6_rules.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93085
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36909
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vmbus_free_ring() function in drivers/hv/channel.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93345
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36910
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hv_uio_cleanup() and hv_uio_probe() functions in drivers/uio/uio_hv_generic.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93346
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36911
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the free_netvsc_device() function in drivers/net/hyperv/netvsc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91324
Risk: Low
CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36912
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the __vmbus_establish_gpadl() and kfree() functions in drivers/hv/channel.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91323
Risk: Low
CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36913
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the vmbus_connect() and vmbus_disconnect() functions in drivers/hv/connection.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90269
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36914
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dm_resume(), get_highest_refresh_rate_mode() and amdgpu_dm_commit_audio() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92010
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36919
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the bnx2fc_free_session_resc() function in drivers/scsi/bnx2fc/bnx2fc_tgt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90864
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36923
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the v9fs_evict_inode() function in fs/9p/vfs_inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90734
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36924
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_set_rrq_active() and lpfc_sli_post_recovery_event() functions in drivers/scsi/lpfc/lpfc_sli.c, within the lpfc_dev_loss_tmo_callbk() function in drivers/scsi/lpfc/lpfc_hbadisc.c, within the lpfc_els_retry_delay() function in drivers/scsi/lpfc/lpfc_els.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90384
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36926
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pci_dma_bus_setup_pSeriesLP() function in arch/powerpc/platforms/pseries/iommu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92054
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36939
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nfs_net_init() function in fs/nfs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90528
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36941
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nl80211_set_coalesce() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89927
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36942
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qca_download_firmware() function in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91502
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36944
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qxl_fence_wait() function in drivers/gpu/drm/qxl/qxl_release.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93469
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36946
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the rtm_phonet_notify() function in net/phonet/pn_netlink.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91614
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36947
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the remove_device_files() function in drivers/infiniband/hw/qib/qib_fs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92055
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36950
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bus_reset_work() and irq_handler() functions in drivers/firewire/ohci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91463
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36952
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the lpfc_vport_delete() function in drivers/scsi/lpfc/lpfc_vport.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91613
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36955
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the is_link_enabled() function in sound/hda/intel-sdw-acpi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91321
Risk: Low
CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36959
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the pinctrl_dt_to_map() function in drivers/pinctrl/devicetree.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93310
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36974
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the taprio_parse_mqprio_opt() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92349
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38548
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cdns_mhdp_atomic_enable() function in drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92307
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38555
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cmd_comp_notifier() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94117
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38558
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when parsing ICMPv6 packets within the parse_icmpv6() function in net/openvswitch/flow.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92328
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38559
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qedf_dbg_debug_cmd_write() function in drivers/scsi/qedf/qedf_debugfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92309
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38570
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gfs2_gl_hash_clear() function in fs/gfs2/super.c, within the init_sbd() function in fs/gfs2/ops_fstype.c, within the gdlm_ast(), gdlm_bast() and gdlm_put_lock() functions in fs/gfs2/lock_dlm.c, within the glock_blocked_by_withdraw() and gfs2_gl_hash_clear() functions in fs/gfs2/glock.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93134
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38586
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rtl8169_doorbell() and rtl8169_start_xmit() functions in drivers/net/ethernet/realtek/r8169_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92312
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38588
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lookup_rec(), ftrace_location_range(), ftrace_process_locs(), ftrace_release_mod() and ftrace_free_mem() functions in kernel/trace/ftrace.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92320
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38598
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __acquires() function in drivers/md/md-bitmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93037
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38628
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the free_ep_fback(), u_audio_set_volume(), u_audio_set_mute() and g_audio_setup() functions in drivers/usb/gadget/function/u_audio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93320
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-39276
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_xattr_block_cache_find() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93329
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-39371
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the io_ring_buffer_select() function in io_uring/kbuf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93322
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-39463
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the v9fs_cached_dentry_delete() function in fs/9p/vfs_dentry.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93820
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-39472
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the xlog_do_recovery_pass() function in fs/xfs/xfs_log_recover.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug: before 5.14.21-150500.13.64.1
kernel-rt-vdso: before 5.14.21-150500.13.64.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt: before 1-150500.11.3.1
kernel-rt-extra: before 5.14.21-150500.13.64.1
kernel-syms-rt: before 5.14.21-150500.13.64.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.64.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debugsource: before 5.14.21-150500.13.64.1
kernel-rt-optional: before 5.14.21-150500.13.64.1
dlm-kmp-rt: before 5.14.21-150500.13.64.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.64.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt: before 5.14.21-150500.13.64.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.64.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.64.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-devel: before 5.14.21-150500.13.64.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.64.1
reiserfs-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.64.1
gfs2-kmp-rt: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt: before 5.14.21-150500.13.64.1
kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.64.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.64.1
kernel-rt-livepatch: before 5.14.21-150500.13.64.1
kernel-devel-rt: before 5.14.21-150500.13.64.1
kernel-source-rt: before 5.14.21-150500.13.64.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20242894-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93828
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-39475
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the savagefb_probe() function in drivers/video/fbdev/savage/savagefb_driver.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5