SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 194
CVE-ID CVE-2021-4439
CVE-2021-47534
CVE-2021-47576
CVE-2021-47578
CVE-2021-47580
CVE-2021-47582
CVE-2021-47583
CVE-2021-47584
CVE-2021-47585
CVE-2021-47586
CVE-2021-47587
CVE-2021-47589
CVE-2021-47592
CVE-2021-47596
CVE-2021-47597
CVE-2021-47598
CVE-2021-47600
CVE-2021-47601
CVE-2021-47602
CVE-2021-47603
CVE-2021-47607
CVE-2021-47608
CVE-2021-47609
CVE-2021-47611
CVE-2021-47612
CVE-2021-47614
CVE-2021-47615
CVE-2021-47616
CVE-2021-47617
CVE-2021-47618
CVE-2021-47619
CVE-2021-47620
CVE-2021-47622
CVE-2021-47624
CVE-2022-0854
CVE-2022-20368
CVE-2022-28748
CVE-2022-2964
CVE-2022-48711
CVE-2022-48712
CVE-2022-48713
CVE-2022-48715
CVE-2022-48717
CVE-2022-48720
CVE-2022-48721
CVE-2022-48722
CVE-2022-48723
CVE-2022-48724
CVE-2022-48725
CVE-2022-48726
CVE-2022-48727
CVE-2022-48728
CVE-2022-48729
CVE-2022-48730
CVE-2022-48732
CVE-2022-48734
CVE-2022-48735
CVE-2022-48736
CVE-2022-48737
CVE-2022-48738
CVE-2022-48739
CVE-2022-48740
CVE-2022-48743
CVE-2022-48744
CVE-2022-48745
CVE-2022-48746
CVE-2022-48747
CVE-2022-48749
CVE-2022-48751
CVE-2022-48752
CVE-2022-48754
CVE-2022-48756
CVE-2022-48758
CVE-2022-48759
CVE-2022-48760
CVE-2022-48761
CVE-2022-48763
CVE-2022-48765
CVE-2022-48767
CVE-2022-48768
CVE-2022-48769
CVE-2022-48771
CVE-2022-48773
CVE-2022-48774
CVE-2022-48775
CVE-2022-48776
CVE-2022-48777
CVE-2022-48778
CVE-2022-48780
CVE-2022-48783
CVE-2022-48784
CVE-2022-48786
CVE-2022-48787
CVE-2022-48788
CVE-2022-48789
CVE-2022-48790
CVE-2022-48791
CVE-2022-48792
CVE-2022-48793
CVE-2022-48794
CVE-2022-48796
CVE-2022-48797
CVE-2022-48798
CVE-2022-48799
CVE-2022-48800
CVE-2022-48801
CVE-2022-48802
CVE-2022-48803
CVE-2022-48804
CVE-2022-48805
CVE-2022-48806
CVE-2022-48807
CVE-2022-48811
CVE-2022-48812
CVE-2022-48813
CVE-2022-48814
CVE-2022-48815
CVE-2022-48816
CVE-2022-48817
CVE-2022-48818
CVE-2022-48820
CVE-2022-48821
CVE-2022-48822
CVE-2022-48823
CVE-2022-48824
CVE-2022-48825
CVE-2022-48826
CVE-2022-48827
CVE-2022-48828
CVE-2022-48829
CVE-2022-48830
CVE-2022-48831
CVE-2022-48834
CVE-2022-48835
CVE-2022-48836
CVE-2022-48837
CVE-2022-48838
CVE-2022-48839
CVE-2022-48840
CVE-2022-48841
CVE-2022-48842
CVE-2022-48843
CVE-2022-48847
CVE-2022-48849
CVE-2022-48851
CVE-2022-48853
CVE-2022-48856
CVE-2022-48857
CVE-2022-48858
CVE-2022-48859
CVE-2022-48860
CVE-2022-48861
CVE-2022-48862
CVE-2022-48863
CVE-2022-48866
CVE-2023-1582
CVE-2023-37453
CVE-2023-52591
CVE-2023-52762
CVE-2023-52766
CVE-2023-52800
CVE-2023-52885
CVE-2023-52886
CVE-2024-26583
CVE-2024-26584
CVE-2024-26585
CVE-2024-26800
CVE-2024-26813
CVE-2024-26814
CVE-2024-26976
CVE-2024-35878
CVE-2024-35901
CVE-2024-35905
CVE-2024-36926
CVE-2024-36974
CVE-2024-38541
CVE-2024-38555
CVE-2024-38559
CVE-2024-39463
CVE-2024-39494
CVE-2024-40902
CVE-2024-40937
CVE-2024-40954
CVE-2024-40956
CVE-2024-40989
CVE-2024-40994
CVE-2024-41011
CVE-2024-41012
CVE-2024-41059
CVE-2024-41069
CVE-2024-41090
CVE-2024-42093
CVE-2024-42145
CVE-2024-42230
CWE-ID CWE-125
CWE-401
CWE-416
CWE-476
CWE-399
CWE-908
CWE-369
CWE-667
CWE-119
CWE-20
CWE-835
CWE-787
CWE-388
CWE-193
CWE-191
CWE-362
CWE-682
CWE-190
CWE-415
Exploitation vector Network
Public exploit N/A
Vulnerable software
SUSE Linux Enterprise Server 15 SP4 LTSS
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing LTSS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing ESPOS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Desktop 15 SP4 LTSS
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro for Rancher
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

dtb-amazon
Operating systems & Components / Operating system package or component

dtb-socionext
Operating systems & Components / Operating system package or component

dtb-xilinx
Operating systems & Components / Operating system package or component

dtb-nvidia
Operating systems & Components / Operating system package or component

kernel-64kb-livepatch-devel
Operating systems & Components / Operating system package or component

dtb-qcom
Operating systems & Components / Operating system package or component

dtb-sprd
Operating systems & Components / Operating system package or component

dtb-marvell
Operating systems & Components / Operating system package or component

dtb-broadcom
Operating systems & Components / Operating system package or component

dlm-kmp-64kb
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-rockchip
Operating systems & Components / Operating system package or component

kernel-64kb-optional-debuginfo
Operating systems & Components / Operating system package or component

dtb-apm
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-hisilicon
Operating systems & Components / Operating system package or component

dtb-renesas
Operating systems & Components / Operating system package or component

dtb-amlogic
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-arm
Operating systems & Components / Operating system package or component

dtb-mediatek
Operating systems & Components / Operating system package or component

dtb-altera
Operating systems & Components / Operating system package or component

kernel-64kb-extra
Operating systems & Components / Operating system package or component

dtb-freescale
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb
Operating systems & Components / Operating system package or component

dlm-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-optional
Operating systems & Components / Operating system package or component

dtb-allwinner
Operating systems & Components / Operating system package or component

kernel-64kb-extra-debuginfo
Operating systems & Components / Operating system package or component

dtb-cavium
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-apple
Operating systems & Components / Operating system package or component

dtb-exynos
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-amd
Operating systems & Components / Operating system package or component

dtb-lg
Operating systems & Components / Operating system package or component

dtb-aarch64
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150400_24_128-default
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP4_Update_29-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall
Operating systems & Components / Operating system package or component

kernel-obs-qa
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-default-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-optional
Operating systems & Components / Operating system package or component

kselftests-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

kselftests-kmp-default
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debugsource
Operating systems & Components / Operating system package or component

kernel-default-base-rebuild
Operating systems & Components / Operating system package or component

kernel-kvmsmall-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-debugsource
Operating systems & Components / Operating system package or component

kernel-debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel-docs-html
Operating systems & Components / Operating system package or component

kernel-source-vanilla
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 194 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU92900

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-4439

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the detach_capi_ctr() function in drivers/isdn/capi/kcapi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory leak

EUVDB-ID: #VU91617

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47534

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the vc4_atomic_commit_tail() function in drivers/gpu/drm/vc4/vc4_kms.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU92299

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47576

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the resp_mode_select() function in drivers/scsi/scsi_debug.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU92340

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47578

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the resp_verify() and resp_report_zones() functions in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU92318

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47580

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the p_fill_from_dev_buffer(), resp_inquiry(), resp_requests(), resp_mode_sense(), resp_ie_l_pg(), resp_log_sense() and resp_report_zones() functions in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Resource management error

EUVDB-ID: #VU93277

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47582

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the usbdev_release(), do_proc_control() and do_proc_bulk() functions in drivers/usb/core/devio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use of uninitialized resource

EUVDB-ID: #VU92933

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47583

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the mxl111sf_init() and mxl111sf_get_stream_config_dvbt() functions in drivers/media/usb/dvb-usb-v2/mxl111sf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Division by zero

EUVDB-ID: #VU92379

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47584

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the ioc_timer_fn() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Memory leak

EUVDB-ID: #VU92290

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47585

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds read

EUVDB-ID: #VU92315

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47586

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the rk_gmac_setup() function in drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper locking

EUVDB-ID: #VU92353

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47587

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the tdma_port_write_desc_addr() and bcm_sysport_open() functions in drivers/net/ethernet/broadcom/bcmsysport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU92300

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47589

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the igbvf_probe() function in drivers/net/ethernet/intel/igbvf/netdev.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) NULL pointer dereference

EUVDB-ID: #VU92334

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47592

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the tc_setup_cls_u32(), tc_init(), tc_del_flow() and tc_add_vlan_flow() functions in drivers/net/ethernet/stmicro/stmmac/stmmac_tc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU92301

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47596

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hclgevf_send_mbx_msg() function in drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_mbx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use of uninitialized resource

EUVDB-ID: #VU92934

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47597

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the inet_sk_diag_fill() function in net/ipv4/inet_diag.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Use-after-free

EUVDB-ID: #VU92302

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47598

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cake_init() function in net/sched/sch_cake.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU92303

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47600

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rebalance_children() function in drivers/md/persistent-data/dm-btree-remove.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) NULL pointer dereference

EUVDB-ID: #VU92337

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47601

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the copy_ta_binary() function in drivers/tee/amdtee/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use of uninitialized resource

EUVDB-ID: #VU92372

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47602

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the ieee80211_sta_tx_wmm_ac_notify() function in net/mac80211/mlme.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Improper locking

EUVDB-ID: #VU92355

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47603

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the kauditd_send_queue() and audit_net_init() functions in kernel/audit.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Memory leak

EUVDB-ID: #VU92291

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47607

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the check_atomic() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Memory leak

EUVDB-ID: #VU92292

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47608

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the check_atomic() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Buffer overflow

EUVDB-ID: #VU93303

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47609

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the scpi_pm_domain_probe() function in drivers/firmware/scpi_pm_domain.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Input validation error

EUVDB-ID: #VU93309

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47611

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ieee802_11_parse_elems_crc() function in net/mac80211/util.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) NULL pointer dereference

EUVDB-ID: #VU92339

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47612

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nfc_genl_dump_devices_done() function in net/nfc/netlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use-after-free

EUVDB-ID: #VU92993

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47614

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the add_pble_prm() function in drivers/infiniband/hw/irdma/pble.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Improper locking

EUVDB-ID: #VU92357

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47615

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mlx5_ib_dereg_mr(), mlx5_ib_alloc_pi_mr() and __mlx5_ib_alloc_mr() functions in drivers/infiniband/hw/mlx5/mr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Use-after-free

EUVDB-ID: #VU92304

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47616

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rxe_qp_from_init() function in drivers/infiniband/sw/rxe/rxe_qp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Infinite loop

EUVDB-ID: #VU92929

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47617

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the pciehp_ist() function in drivers/pci/hotplug/pciehp_hpc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) NULL pointer dereference

EUVDB-ID: #VU92918

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47618

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the obj-$() function in arch/arm/probes/kprobes/Makefile. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) NULL pointer dereference

EUVDB-ID: #VU92919

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47619

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i40e_get_lump() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242929-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Out-of-bounds read

EUVDB-ID: #VU92905

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47620

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hci_le_adv_report_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

dtb-amazon: before 5.14.21-150400.24.128.1

dtb-socionext: before 5.14.21-150400.24.128.1

dtb-xilinx: before 5.14.21-150400.24.128.1

dtb-nvidia: before 5.14.21-150400.24.128.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.128.1

dtb-qcom: before 5.14.21-150400.24.128.1

dtb-sprd: before 5.14.21-150400.24.128.1

dtb-marvell: before 5.14.21-150400.24.128.1

dtb-broadcom: before 5.14.21-150400.24.128.1

dlm-kmp-64kb: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-rockchip: before 5.14.21-150400.24.128.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.128.1

dtb-apm: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-hisilicon: before 5.14.21-150400.24.128.1

dtb-renesas: before 5.14.21-150400.24.128.1

dtb-amlogic: before 5.14.21-150400.24.128.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-arm: before 5.14.21-150400.24.128.1

dtb-mediatek: before 5.14.21-150400.24.128.1

dtb-altera: before 5.14.21-150400.24.128.1

kernel-64kb-extra: before 5.14.21-150400.24.128.1

dtb-freescale: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.128.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-optional: before 5.14.21-150400.24.128.1

dtb-allwinner: before 5.14.21-150400.24.128.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.128.1

dtb-cavium: before 5.14.21-150400.24.128.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

dtb-apple: before 5.14.21-150400.24.128.1

dtb-exynos: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.128.1

dtb-amd: before 5.14.21-150400.24.128.1

dtb-lg: before 5.14.21-150400.24.128.1

dtb-aarch64: before 5.14.21-150400.24.128.1

kernel-livepatch-5_14_21-150400_24_128-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_29-debugsource: before 1-150400.9.3.1

kernel-livepatch-5_14_21-150400_24_128-default-debuginfo: before 1-150400.9.3.1

kernel-kvmsmall: before 5.14.21-150400.24.128.1

kernel-obs-qa: before 5.14.21-150400.24.128.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-optional: before 5.14.21-150400.24.128.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-livepatch: before 5.14.21-150400.24.128.1

kselftests-kmp-default: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base-rebuild: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.128.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-devel: before 5.14.21-150400.24.128.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug-debugsource: before 5.14.21-150400.24.128.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.128.1

kernel-debug-debuginfo: before 5.14.21-150400.24.128.1

kernel-debug: before 5.14.21-150400.24.128.1

kernel-docs-html: before 5.14.21-150400.24.128.1

kernel-source-vanilla: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.128.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.128.1

kernel-zfcpdump: before 5.14.21-150400.24.128.1

kernel-default-extra: before 5.14.21-150400.24.128.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.128.1

kernel-docs: before 5.14.21-150400.24.128.1

kernel-devel: before 5.14.21-150400.24.128.1

kernel-macros: before 5.14.21-150400.24.128.1

kernel-source: before 5.14.21-150400.24.128.1

kernel-default-devel: before 5.14.21-150400.24.128.1

kernel-obs-build: before 5.14.21-150400.24.128.1

reiserfs-kmp-default: before 5.14.21-150400.24.128.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.128.1

kernel-default-base: before 5.14.21-150400.24.128.1.150400.24.62.1

kernel-syms: before 5.14.21-150400.24.128.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-devel: before 5.14.21-150400.24.128.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb-debugsource: before 5.14.21-150400.24.128.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.128.1

kernel-64kb: before 5.14.21-150400.24.128.1

kernel-default: before 5.14.21-150400.24.128.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

kernel-default-debugsource: before 5.14.21-150400.24.128.1

kernel-default-debuginfo: before 5.14.21-150400.24.128.1

dlm-kmp-default: before 5.14.21-150400.24.128.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

ocfs2-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default: before 5.14.21-150400.24.128.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.128.1

gfs2-kmp-default: before 5.14.21-150400.24.128.1

CPE2.3